Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook
Academy home
Helps
How to use the metrics feature

Metrics page help define and monitor key security metrics

Metrics-page you can find it in the left menu of Cyberday. By default it's located under the "More" button, but you can pin the page to the top of the left menu if you want.

Which metrics are available?

We're currently supporting the following metrics:

Line charts (for last 12 months)

  • Compliance score (for each framework): Compliance score describes how strongly you have implemented framework's requirements.
  • Guideline acceptance rate: Guideline acceptance shows the average amount of their security guidelines your employees have read.
  • Documentation completion rate: Completion rate describes how many documentation items have been set to 'done' statuses.
  • Documentation activity rate: Activity rate describes how many documentation items have been set to 'active' statuses.

Bar charts (yearly)

  • New / closed non-conformities: Identifying non-conformities and treating them is one way for improving your information security.
  • New / closed improvements: Identifiying, prioritizing and implementing security-related improvements enable your ISMS's continuous improvement.
  • New / treated risks: Identifying new relevant risks and treating is one way for improving your information security.
  • New / closed incidents: Detecting security-related incidents and treating them is one way for improving your information security.

Single number cards (current 12 months)

  • Items needing attention: How many items in your account are either pending for review or overdue
  • Tasks pending for review: How many tasks are currently past their review date
  • Documentation pending for review: How many documentation items are currently past their review date
  • Tasks overdue: How many tasks are currently past their due date and not done
  • Documentation overdue: How many documentation items are currently past their due date and not done
  • Closed management reviews: Management reviews are an important method for committing your top management in your information security work.
  • Closed internal audits: Internal audits are an important method for monitoring your information security and compliance.
  • Personnel skill test average: Skill tests enable you to investigate the progress of employees' information security awareness.

How to choose the metrics that are relevant to you

On the Metrics page, you can define the key metrics of information security management that are most relevant to your organization's work. You can define the relevant key metrics from the right upper corner of the page. There are a total of 20+ metrics depending on the amount of frameworks you have enabled. There are three different types of meters:

  • Line chart (e.g. % of guidelines employees have read)
  • Single key number (e.g. items needing attention at the moment)
  • Bar chart (e.g. number of risks treated annually)

Edit the goal values to mach your needs

Each metric has three dots in the top right corner, behind which you can edit the goal values

In the future, the meters will be used in the management's monthly reports, where the implemented meters automatically are added.

Questions and feedback

Do you have any further questions, would need another help article or would like to give some feedback? Please contact our team via team@cyberday.ai or the chat box in the right lower corner.

Content

Share article