This training on healthcare information security will outline simple but powerful qualitative and quantitative security metrics that you can use to judge the effectiveness of your information security program in a healthcare setting.
Why Should You Attend:
Historically, Security or IT departments have been either hard-pressed or reluctant to discuss the cost-benefit, or what some would call the "ROI", of security investments. Instead of justifying a particular step, technology, or device through a cost comparison with an option or alternative, the justification was often made through a description of the threat it would counteract, meaning the use of a fear factor or the threat of legal or compliance consequences if the request to act fails. But today, there are calls for accountability and justification along the same lines as in the other areas of the organization.
This presentation will address the concepts of security metrics and what they are intended to show. We will talk about Security ROI and what it really means. We will discuss cost-benefit analysis, cost-justification, architectural integration, and LC-TCO as part of the equation. We will touch on the justification process and why security that is "good enough" is both sufficient.
Areas Covered in the Webinar:
- What metrics are and what they should be measuring
- Types and methods of measuring
- Assessing your environment and selecting the proper metrics to represent it accurately
- How to approach the problem: the goal, approaches, breaking down the process, and getting started
- Getting Management Buy-in for Action Before and After
- Lies, Damn Lies, and Statistics - The Limits of Informational Content: What they tell you and what they can't or don't tell you
Added by complianceonlinecom on March 18, 2013