Service delivery frameworks are a way to itemize and manage services within a business. They are a tool for showing cost transparency: by providing data on each service and how it is used, they give insight for increasing performance and lowering costs within the business.
It is generally easy to develop service packages for IT services, for example: a server build takes X time and costs Y. IT security services can sometimes be as easy, but they are often more generalized and cannot be packaged as neatly as the widgets that make up general IT.
Case in point: IDS/IPS. We can create a service metric such as event response time based on priority, but what about the longer-term implications of those events? If an attack is in progress, is there a metric to show good/bad response, time to close, etc.?
There are metrics that can be used to show value to the business, such as the number of blocked attacks, the amount of malware prevented, etc., but these numbers are based on the whims of the internet and its endless army of attackers. One month may see a million attacks, the next only a thousand. Because they are so dynamic, these metrics make it hard to show value.
The answer to these problems is to show the numbers in a different context. Look at comparisons, such as a time-based trend line of the numbers, maybe with bullet points on events that can cause deviations (Osama bin Laden's death, the Arab Spring, Black Friday, etc.). This gives the numbers a context that can show management a bigger picture of the dynamic world of IT security and how resources are used. Efficiencies can be gained (as well as budget $$$) if a good picture of what is being done is shown to management in a context they can understand.