For now, I encourage you to take a look at the links above and familiarise yourself with the GQM framework. Product Management Resources Be the best product manager you can be. Sorry, a shareable link is not currently available for this article.
It’s not just for asset management, but multiple security domains – vulnerability and patch, user awareness, PAM and IDAM, and more. The “Goal-Question-Metric” approach is a proven method for driving goal-oriented measures throughout a software organization. With GQM, we start by defining the goals we are trying to achieve, then clarifying the questions we are trying to answer with the data we collect.
The metrics obtained will assist organizations to meet their requirements for a cloud storage security framework. The GQM approach is a framework that helps you plan, monitor, and improve your software quality by linking your quality goals to specific questions and metrics. The idea is to start with a high-level goal that expresses what you want to achieve or improve in terms of quality, such as usability, reliability, or performance. Then, you formulate a set of questions that help you understand and evaluate how well you are meeting your goal.
GQM, the initialism for goal, question, metric, is an established goal-oriented approach to software metrics to improve and measure software quality. Data can tell us important stories when we process it by proven and structured approaches. Dr. Southekal’s book presents such an approach based on the GQM method for transforming business data into an enterprise asset. This book is a valuable resource for organizations willing to become real data-driven organizations. The main reason we use goal metrics at all is to obtain information about why an initiative was important and how it achieved its goals.
Presumably some research was done to justify them, but it isn’t obvious. By contrast, GQM questions are intended to be a fairly complete inquiry into the Goal. Because of their what is goal question metric completeness, GQM’s questions help you stay focused on what matters. The “meaningful, audacious, and inspiring” criteria of an OKR Objective can also be applied to a GQM Goal.
From here, the two methods diverge — while OKR proceeds to Key Results, GQM has you ask questions. Servers are a high priority to protect because they house data, which are susceptible to the most common attack techniques – this is what the adversary is going after to encrypt, to steal, or wipe. Using a vulnerability or active scanning tool, you can fingerprint the operating systems deployed on the network and see which are servers.
It combines leading data management theory with step-by-step implementation and real-life examples, and is a must-read for those wanting to derive more value from their corporate data. The chief contribution of GQM over McCall’s model is the explicit introduction of goals coordinates based upon viewpoint, purpose, issue and object. The explicitness of the goal coordinates creates a wider perspective for goals. In McCall’s Software Quality Model, I discussed a paper tying quality factors to quality criteria.
To do this on an ongoing basis, James suggests listening passively for all ARP requests on your network, and looking for IP addresses. “You can very quickly build a picture of what’s actually connected to your network, then look at your CMDB and realise it’s about 10% complete,” says James. James notes that many of the challenges around asset management are not technical, but cultural or political.
Finally, you identify and collect metrics that provide answers to your questions and evidence for your goal. When undertaking an Agile transformation, there is a need to collect data to demonstrate progress and show improvement, but where does one even start? Common Agile metrics approaches do well at measuring team velocity and throughput but can sometimes overlook the requirements of executive sponsors, product management, and other key stakeholders. As James noted, though, it can be a lot of effort to build out such a programme – many goals, more questions, and even more metrics. That’s where Continuous Controls Monitoring becomes invaluable. It automates your cybersecurity measurement programme, using automation, and advanced data science to create accurate and trustworthy metrics.
I like the complement between architectural quality attributes, McCall’s quality model, where criteria is identified to measure attributes, and the GQM idea of tying viewpoint to metric. Goals are developed from policy and strategy, process and product descriptions and viewpoint https://www.globalcloudteam.com/ to develop the measurement. The contrast between OKRs and GQM is even more pronounced when applied to the “Improve Company Website” example. By considering all feasible questions rather than selecting a few key results, we generate a roadmap rather than a shorter-term approach.
I see GQM’s notion of goal as a superset because a goal might include resource, time, defects, etc. Here, goals create quality factors, an extension of the original concept to explicitly include a wider varienty of objects. Questions connect the object of measurement to a quality issue.
Below is the GQM for “Improve Company website”, shown graphically. The shaded areas represent progress over time towards questions. GQM’s multiplicity of questions for any Goal permit a more fine-grained understanding of progress towards it. Define an objective and choose a few key results that if satisfied, indicate you got there. Look at the examples above and notice how their Key Results are basically arbitrary.
With every question added in the scenario, a set of data is used to answer the question in a quantitative manner. Prashanth has given a very practical guide to implement data culture in an organization. The book Data for Business Performance talks about building the organization of the future and the role of data.
O seu endereço de e-mail não será publicado. Campos obrigatórios são marcados com *
Comentário
Nome *
E-mail *
Site
Salvar meus dados neste navegador para a próxima vez que eu comentar.