Cover Image

IDC PlanScape:使用了ABC (活動標準成本核算) 方法,SaaS型IT安全計劃的管理方法

IDC PlanScape: Managing an IT Security Program as a Service Using Activity-Based Costing

出版商 IDC 商品編碼 357549
出版日期 內容資訊 英文 12 Pages
Back to Top
IDC PlanScape:使用了ABC (活動標準成本核算) 方法,SaaS型IT安全計劃的管理方法 IDC PlanScape: Managing an IT Security Program as a Service Using Activity-Based Costing
出版日期: 2016年05月06日 內容資訊: 英文 12 Pages


本報告提供各企業一面活用ABC (活動標準成本核算)方法,一面更有效活用IT安全計劃的方法考察。

IDC PlanScape的說明圖


ABC (活動標準成本核算)方式的安全服務為何重要?

  • 安全·資源對風險優先等級高的集中分配
  • IT安全費用方面,成本最佳化分析·數值測量·比較分析用標準的實現·改善
  • 透過產業的目的與成本連動,強化IT安全服務·成本相關的資訊
  • IDC安全產品的分類方法之關聯性


  • 安全管理的4大原則
    • ID管理服務
      • 倒數前幾名部門
      • 相關資產
    • 漏洞管理服務
    • 信用管理服務
    • 威脅管理服務

主要的相關利益者 (利害關係者) 是誰?

  • CIO (資訊長) 及IT管理隊
  • 經營管理隊
  • IT安全管理負責人 (CISO)
  • IT部門的負責人


  • 成本累計流程
  • 成本分配流程
  • 安全服務費用的階層結構
  • 安全相關的ABC費用分析的案例
    • 防惡意程式·解決方案的替代
    • 安全監視的外包
    • 流程自動化:重新設定密碼的情況


  • 現在馬上做的事 (預算編制完成前)
  • 在今後6個月以內該做的事 (包含預算編制)
  • 在今後12∼24個月以內該做的事


Product Code: US41216316

This IDC study provides insight into how an IT security program can be more effectively managed using an activity-based costing approach."With this service-oriented approach to security, the costs align in a way that allows comparison for initiatives looking at new security models, outsourcing arrangements, process automation, and other interests," said Pete Lindstrom, vice president of Security Strategies. "This structure provides a better way to identify opportunities for more cost-effectiveness of a security program."

IDC PlanScape Figure

Executive Summary

Why Is an ABC-Based Security Service Important?

  • Improve Security Resource Allocation Methods to Focus on High-Priority Risks
  • Enable Improved Cost Optimization Analyses, Metric Calculations, and Benchmark Standards of IT Security Costs
  • Better Communicate the Cost of IT Security Services by Aligning Costs to Their Business Purpose
  • Relationship to IDC's Worldwide Security Products Taxonomy

What Is an ABC-Based Security Service?

  • The Four Disciplines of Security Management
    • Identity Management Services
      • Identity Management Subservices
      • Identity Management Assets
    • Vulnerability Management Services
      • Vulnerability Management Subservices
      • Vulnerability Management Assets
    • Trust Management Services
      • Trust Management Subservices
      • Trust Management Assets
    • Threat Management Services
      • Threat Management Subservices
      • Threat Management Assets

Who Are the Key Stakeholders?

  • CIO and IT Management Team
  • Business Management Teams
  • IT Security Management-CISO
  • IT Department Heads

How Can My Organization Take Advantage of an ABC-Based Security Service?

  • Cost Accumulation Process
  • Cost Distribution Process
  • Security Service Cost Hierarchy
  • Examples of Security-Based ABC Cost Analyses
    • Replacing Antimalware Solutions
    • Outsourcing Security Monitoring
    • Process Automation - Password Resets

Essential Guidance

  • Immediately - Prior to Budget Completion
  • Next Six Months - Include in Budget
  • Over 12-24 Months

Related Research

Back to Top