What: CHICAGO Metrics® is here to enable YOU to tell a better story.
How: With a solid toolset and metrics program that speaks to all levels from engineer to the Board.
Why: Because we believe from the front lines to the Board room IT and Information Security leaders have to be able to tell their story in order to gain support, funding, and resources as they enable the business to move faster.
How: With a solid toolset and metrics program that speaks to all levels from engineer to the Board.
Why: Because we believe from the front lines to the Board room IT and Information Security leaders have to be able to tell their story in order to gain support, funding, and resources as they enable the business to move faster.
Member Feedback
Following an Executive Report Out:
Post Feature Release:
- First thing they wanted was the “single risk score”, so the bottom-line maturity metric appeals to them.
- Second point they really liked is the next-layer drill down to the 6 core component metrics, to begin to see where gaps are but still at a high level.
- Third thing they really liked (which I pointed out because I knew they would!) is the H metric … they are always concerned with the human morale and productivity impact of what security does.
Post Feature Release:
- The dashboard filtering it helpful as I continue to construct my first “Baseline canonical measures set” … I am using earlier month dates as my playground, and now can see the effects of different approaches.
CHICAGO Metrics® is a program to help you to have a better conversation with business leadership in terms that they understand. Translate between executives and technicians with a solid metrics program that takes any number of tactical metrics and aggregates them into the six business aligned Key Performance/Risk Indicators: Confidentiality, Human Resources, Integrity, Character, Availability, and GOld. Use LEAN IT Tools to tell a better story to technicians and your end-users. Use a fill-in-the-blank policy set to manage your program and meet the needs of your auditors. Complete the cycle by leveraging strategic planning tools to show executives you have a plan.
Next time your executive team or Board asks you, "How secure are we?", give them your CHICAGO Score™!
Next time they ask you, "How is IT helping us?", give them your CHICAGO Score™ and show how IT is enabling the business!
Executive Membership includes one-year of full access to the CHICAGO Metrics® Program:
CHICAGO Metrics® has a library of policies, procedures, standards, and guidelines to operate your IT organization. Executive Membership includes documents with alignment to:
We also are providing the tools, as part of a Executive Membership, to establish good processes for good people to follow to implement solid technology.
Next time your executive team or Board asks you, "How secure are we?", give them your CHICAGO Score™!
Next time they ask you, "How is IT helping us?", give them your CHICAGO Score™ and show how IT is enabling the business!
Executive Membership includes one-year of full access to the CHICAGO Metrics® Program:
- CHICAGO Metrics® Tracking Tool - Basic Membership Available Here
- CHICAGO Score™ Dashboards
- CHICAGO Maturity Model
- A3 Reporting Template
- Risk Register
- Risk Score using Likelihood and Impact Mapping Tool
- Effort Score using Time and Cost Mapping Tool
- ROI Calculator
- Magic Quadrant Visual Display Chart
- Threat Heat Map Tool
- Vendor Risk Assessment Platform
- NIST CSF Assessment Tool
CHICAGO Metrics® has a library of policies, procedures, standards, and guidelines to operate your IT organization. Executive Membership includes documents with alignment to:
- NIST 800-53r4 (all levels) - Sample
- HIPAA - Sample
- ISO 27001 (coming soon)
- PCI DSS 3.2 - Sample
- AOPO - Sample
We also are providing the tools, as part of a Executive Membership, to establish good processes for good people to follow to implement solid technology.
- LEAN IT Tools
- 3 Year Plan/Strategy Building Tools
The six CHICAGO Metrics'® Key Performance/Risk Indicators -
|
ConfidentialityProtecting intellectual property, PII, PHI, customer data, PCI data, etc. can be a challenge. Understanding how each tactical metric impacts this risk indicator can better drive resource allocation.
|
Human ResourcesEvery organization has people to get their jobs done and managing them is important to the organization to ensure these resources are fully being leveraged. Reducing risk in this area will ensure people are productive, happy, and efficient.
|
|
|
IntegrityEnsuring that data has not been changed is important for any organization. This can range from design/manufacturing specs to government reporting documents. Informally, "Keeping the bad guys out", is paramount to any organization.
|
CharacterManaging character or reputation risk is important for every organization. It has been said that there is no such thing as bad press. However, some organization have felt the sting of public opinion. Reducing the risk to an organization's character can equate to real dollars.
|
|
|
Availability
Your organization has spent incredible amounts of money on infrastructure in order to deliver information via technology. If none of it is available all of that expense and effort is for not. Manage the risk in this area and keep the systems running, the people working, and the business successful.
|
|
Gold
In the for-profit world the goal is to create shareholder value. In the non-profit world if there is no margin there is no mission. In any organization managing the Gold, finances, is important. Understanding the risks that have a significant financial impact is looked upon favorably by leadership.
|
|
Confidentiality, Human Resources, Integrity, Character, Availability, Gold™ is a trademark of CHICAGO Metrics®.