Read about information security metrics on the Internet and then generate a list of information security metrics that could be collected for a small Internet commerce company with 10 employees.
The company uses an outside vendor for packaging and distribution.
Write an Executive Summary of the list of metrics.
Why are each of the metrics appropriate for the target company?
To whom should the metrics be reported?