Metrics

What are Metrics?

Metrics is a customisable feature that can be enabled upon request for the Enterprise Risk Management and Information Security modules. Metrics was created to work with section 9.1 within the ISO27001 Standard. It allows you to monitor certain areas around a control or risk toguiding ensurethe they are operating as they should, it is an additional methodassessment of checka control maturity, risk evaluation or treatment plan.

Metrics has its own report or the healthdetails of youra ISMS.metric,
Whenif linked to controls and/or risks it helps to guide the user to accurately evaluate the thea control maturity or risk informing.will show in the risk register report.

Creating a Metric

When metrics is turned on it will be available from the 'Organisation' dropdown listed under 'Organisation Setup' and 'Assets'. The metric can be assigned to a specific division if required and an owner nominated to ensure accountable updates.

Metric Configuration allows you to decide to set boundaries or comparison values.
A time frame can be set in which the metric should be updated, the frequency will result in notifications being emailed to the owner to prompt updates.