Six Sigma for Security, Part 5: Staying in Control

by Steven McElwee, CISSP

After you have moved through the define, measure, analyze, and improve stages of your Six Sigma for Security project, you are ready to move into the control phase. Your security operations should always operate in the control phase. If so, the control phase for Six Sigma is merely a matter of adding your improvements into your existing controls.

Here are some tools that you may find helpful in the control phase:

• Control matrices
• CTQ dashboards
• Control charts
• Performance graphs

The more of your metrics you can automate, the more successful you will be in the control phase. If you have to spend time every week or every month to pull data, manipulate it, and report on it, you will quickly stop measuring. Use Excel and Access extensively to make routine measurement and reporting a snap.

The control phase does not use the detailed analysis tools used earlier in the Six Sigma project. It only reports on the results. If you find that you are no longer meeting your targets in any CTQ goal, go back through the Six Sigma process again to see what caused the change. You may have something influencing the process causing variation, or the quantity of work may require you to re-examine resource allocation.

Have you made it this far through the Six Sigma for Security process? How has it worked for you?