- GQM and PRAGMATIC methods, used to specify and design/select information security metrics in a rational, structured manner.
- How to differentiate the few worthwhile from the many worthless security metrics.
- Analytical/critical thinking techniques you need to evaluate, shortlist, implement, use and improve security metrics.
- How to discuss, choose and refine security metrics in conjunction with your peers and management.
