10 KPIs for Security Assessment


Infosec GRC or TPRM assessments often fall short of intended risk management or compliance objectives. Can we establish a set of meaningful and measurable KPIs that can help elevate the ROI of these assessments?

In this webinar we will cover 10 valuable KPIs for security risk assessments you can consider implementing into your process and workflow.

  1. Insightful Observations
  2. Risk Analysis
  3. Compliance Mapping
  4. Insightful Recommendations
  5. Actionable Recommendations
  6. Stakeholder Identification and Engagement
  7. Sign-off or Feedback by Accountable Owner/s
  8. Security Policy Updates
  9. Business/Operations Enablement/Impediment
  10. Executive Management Awareness

Register now to learn more!

Your Speakers

Chris Logan has more than 25 years in IT operations and strategy. Previously he was Director Global Healthcare Industry at VMware, where he helped healthcare clients achieve their strategic outcomes by implementing the company’s industry solutions. Prior to VMware, Chris was the Chief Information Security Officer for Care New England Health System located in Providence, RI, where his role was providing security and technology leadership and enabling positive business outcomes for the organization and its partners. He has also worked in security leadership roles at Lifespan Corporation, Century Bank, and the Massachusetts Institute of Technology, and he served in the United States Marine Corps. Chris is also a professor at Providence College in their school of business, where he provides instruction to graduate students on the management of technology and operations and service management.

Kamal Govindaswamy is a partner and co-founder at Tueoris, an information security and privacy consulting firm that serves customers in the US and overseas. He has over 20 years of information security/compliance consulting experience, starting out in security architecture and engineering roles focused on Identity and Access Management, Data Loss Prevention and Incident Detection. He leverages this experience to deliver practical and meaningful strategies/advisory solutions for information security program components, including GRC/TPRM. He has had significant focus on Healthcare - among other industries - since the early days of HIPAA and especially since the passage of the HITECH Act (2009) in the US.