1. What types of measures are used for InfoSec management measurement programs?
2. According to Gerald Kovacich, what are the critical questions to be kept in mind when developing a measurements program?
3. What factors are critical to the success of an InfoSec performance program?
4. What is a performance target, and how is it used in establishing a measurement program?