SAMM - Core Metrics

Improve the core model Metrics


SAMM currently has a very basic set of metrics for measuring progress and benefit. We need to build up the metrics in the core model to provide organisations with a solid way of understanding when they are improving, and what activities provide the most benefit.


  • Review of existing metrics
  • Propose new metrics per business function or activity
  • Determine plan for continuing metrics updates


This Working Session will result in updated SAMM Metrics and an outline plan for the future updates.

Synopsis and Takeaways

  • There is a need to evaluate adding an optional depth component to scoring for questionnaire
  • Need to most likely remove success metrics and replace with Business Metrics - Alternatively Metrics may have its own section - We need to focus on metrics ranging from operational to strategic operations
  • Three logical categories of metrics: - App - Process - Environment


The target audience for this Working Session is:

  • Security champions
  • Security architects
  • DevOps Roles
  • CISO

Working materials

Here are the current ‘work in progress’ materials for this session (please add as much information as possible before the sessions)_


…add content…

Back to list of all Working Sessions and Tracks

Edit this page here