The NIST Special Publication 800-55, Volume 2, titled “Measurement Guide for Information Security,” provides a flexible methodology and workflow for developing an information security measurement program. It is designed to help organizations establish a structured approach to measuring the effectiveness of their information security policies, procedures, and controls. Volume 2 complements Volume 1, which focuses on identifying and selecting relevant security measures, by emphasizing program development, ongoing measurement activities, and communication of results to support informed decision-making and risk management processes. This guide supports organizations in enhancing accountability, audit readiness, and risk-based prioritization related to information security practices
Home / Function (NIST CSF 2.0) / DE - Detect / MN - Monitoring
NIST SP 800-55 Vol. 2 Measurement Guide for Information Security: Volume 2 — Developing an Information Security Measurement Program
This document focuses on:KRI