Measuring Return on Investment in Security Architecture

The previous chapter emphasised the need to be able to measure and monitor performance. This next chapter builds upon that idea by looking at the measures of business performance that can be associated with security architecture. Increasingly, senior management teams are looking for business cases in advance of making a major investment in new developments. A key performance indicator that they are looking for is some measure of return on investment, or at least return of value. This chapter examines several approaches that can be adopted for evaluating the return on an investment in an enterprise security architecture.