Case Study: Security Metrics Dashboard
Situation Serving
the largest company in its industry, the Corporate Security department
wanted
to standardize on a set of meaningful security metrics to communicate
performance.
Incident data had been collected in multiple, separated databases and,
other
than case-by-case, analysis was difficult to perform and incident
trends not
regularly monitored. The security department was not widely understood
and
wanted to identify metrics meaningful to senior management and
integrate them
into a regular report. The
team’s approach combined evaluating external practices with
internal needs and
existing capabilities. An internal analysis of the company’s
previous reporting
and metric usage was undertaken and compared to that of select
companies known
to be advanced in performance measurement. Specific objectives included
evaluating current incident reporting practices, integration with the
company’s
case management system, and ascertaining internal client and senior
leadership
needs. The case team identified meaningful performance and cost metrics
used by
peers and compared them with the internal needs of the company.
Multiple metrics were evaluated for
suitability in incident trending, mitigation effectiveness and
value-added.
Incident and performance data were compared cross-sectionally relative
to prior
years and targets to ascertain informative value. Analysis & Results A detailed
report was developed that would facilitate comparative analysis and
generate
insights for improvement. The report was designed in a tiered structure
so that
it could be rolled up to a comprehensive monthly executive overview but
with a
detailed section available for distribution to the person accountable
in the
area. New sub-components provided important input and included threat
assessment
metrics, incident trending analyses, mitigation effectiveness
evaluations, recoveries,
settlement awards and prosecution performance. Each section also
contained
comparative data on growth and net cost, case management and load
balances, as
well as security responsiveness to help requests. The report could be
web-based
with both an input and output capability. Benefits to Client The
newly designed report was able to demonstrate Corporate
Security’s performance
in concise, digestible format with meaningful metrics. The
standardization
improved meeting efficiency and internal communication as common
parameters and
associated terminology became more widely known and adopted. Senior
leaders
became more conversant with security activities and cognizant of the
benefits
provided. The Corporate Security department found it easier to set
forward-looking objectives and quantify them for reward purposes.
Reporting
sections were designed by area of accountability to enable better
management by
objectives. Overall, the security metrics dashboard integrated
multiple,
informal reports into one document with one common set of definitions. |
Case Studies
- Cost-Benefit Analysis
- Governance Model
- Security Integration
- US Site Security
- Physical Security Benchmarking
- Security Vision and Strategy
- High-Profile Landmark Building
- Risk Based Resource Allocation
- Threat Analysis
- Disaster & Terrorism Preparedness
- Pandemic Preparedness