(.mil/.gov ONLY) IA Metrics CR/TA This report establishes the fundamentals of metrics development methodology and metrics program establishment. It answers the following questions: – What are IA metrics? – Why do organizations need them? – How can they be used? – What is the process for developing IA metrics? – What are some of the IA metrics already and what are their strengths/weaknesses? – What is the future direction for IA metrics? This report is intended to further facilitate the IA metrics discussion within the IA community, assist organizations in developing IA metrics, and provide guidance to organizations about how to establish their IA metrics programs. It provides examples of specific metrics that can be derived using the proposed methodology. The report also describes several ongoing metrics development, collection, and application efforts. A database of metrics, collected from multiple sources, is available from CSIAC. How to Obtain a Hardcopy: Contact the CSIAC at email@example.com. How to Obtain a PDF: The PDF for this document is currently not available online. Please contact the CSIAC at firstname.lastname@example.org.
- NISTIR 8170 DRAFT – The Cybersecurity Framework: Implementation Guidance for Federal Agencies Reference Document
- Automation and Ongoing Authorization Transition/Implementation Reference Document
- Introduction to Tools & Testing Techniques for Assured Software – DoD Software Assurance Community of Practice: Volume 2 Journal Article
- Report on Lightweight Cryptography Reference Document
- Industry Risks – Cybersecurity in the Workplace is Everyone’s Business Video Podcast