| Evaluation item | Information security(D) >> Response level (capability) of infringement incident(D.2) |
| Metric | <D-2-2> Intrusion incident response time |
| Explanation | The response completion time following the response procedure after the occurrence of the infringement incident (the situation ending time) |
| Measurement method | X = Average processing time till the situation ending after detecting the infringement incident |
| Y = X − T arg e t V a l u e T arg e t V a l u e × 100 (excess ratio of processing time) |
| Data gathering method (Data sources) | ■ System ■ Data |
| □ Questionnaires □ Interview |
| ※ Measure the occurrence of infringement incident from target IS and the processing time from related reports |