PILAR may present maturity of controls and safeguards in several ways
PILAR presents the range of the controls, and the range of safeguards:
PILAR presents an approximation to the maturity, averaging components. For example, if most children are L3, but one is not, the average is slightly less than L3-
It averages the value of safeguards and presents the average between 0% and 100%. Although this mode forgets that safeguard mapping is not perfect, the numbers are useful for graphs.
It considers the maturity of the safeguards in the corresponding phase, compared to the recommended value in the extra phase. Using this mode, we have a picture of how far security if from recommended values. For example, with respect to PILAR
Related topics