Comprehensive and Detailed Explanation
===========
The EC-Council CCISO program explicitly references NIST SP 800-55 as the standard designed to support the development and use of performance measurement, including Key Performance Indicators (KPIs) and security metrics.
NIST SP 800-55 provides structured guidance on measuring the effectiveness and efficiency of security controls and programs. ITIL (Option A) addresses service management, GDPR (Option B) is a regulation, and ISO 31000 (Option C) focuses on enterprise risk management rather than performance metrics.
Thus, Option D is correct.