Requirements for Enterprise Security Performance Management

Published On: July 16, 2020

We are delighted to see that someone of Ed Amoroso’s prominent standing in the cybersecurity world has taken an interest in Security Performance Management (SPM). In this short white paper, Ed points out that security assessments are becoming more continuous in nature, rather than remaining point-in-time snapshots. He goes on to describe the variety of actors whose needs must be taken into account in any SPM initiative – it’s not just the security and audit teams! 

Most importantly, Ed provides readers with a set of five requirements for any SPM platform, to help guide organizations in selecting the right SPM tool. The five key capabilities are: Workflow, Analysis, Planning, Remediation, and Metrics.

SPM Requirements

One key takeaway is that an SPM solution needs to integrate with the existing security and GRC tooling to deliver optimum workflow automation and speed of decision-making. 

Of course, we think we’ve already built the kind of SPM platform that Ed describes! Integrations with workflow, analytics, and planning tools? Check. Built-in, prioritized remediation recommendations? Absolutely. Metrics, reports, and cost estimates aimed at all stakeholders? Naturally.

SPM is a relatively new product category, and buyers are still just becoming aware of it and how it solves problems with communications, budgeting, and prioritizing. Here at TrustMAPP, we are hard at work educating the marketplace about the power of SPM. Having someone like Ed Amoroso recognize the need for SPM is wonderful news. 

Contact us if you’d like to learn more.
