International Journal of Computer Applications
The notion of security metrics is a very significant aspect for Business Information System (BIS). Information security metrics are often underused and in some cases unseen, anyway could be a profitable instrument in assembling better enterprise security. This information aides measure the day-by-day impact and quality of current defends and shows the quality of these functions through all business methodologies. This paper discusses aspire methodical approach to identify the right metrics to measure security preparedness and move toward a strong justification for information security investment and better enterprise outcomes.