This measure calculates the cost of infrastructure and endpoint security as a percentage of the total IT security and compliance cost. Endpoints or endpoint devices are physical devices that communicate with a connected computer network. Examples include mobile devices, virtual machines, desktop computers, embedded devices, servers, and Internet-of-Things devices (cameras, lighting, refrigerators, security systems, smart speakers, thermostats, etc.). IT security and compliance cost covers expenses for security strategy and architecture, governance, risk and compliance control, infrastructure and endpoint security, application security, data security, identity and access management. Total IT Cost or Budget (excluding depreciation/amortization; i.e., based on cash flow) includes operating and capital expenses for performing the entire IT function. Operating expenses are independent of including or excluding depreciation/amortization. Capital expenses should include costs for all capitalized IT assets acquired during the reporting period. This Cost Effectiveness measure is intended to help companies understand this cost expenditure related to the process group "Manage IT resilience and risk".
Infrastructure and endpoint security cost as a percentage of total IT security and compliance cost, excluding depreciation/amortization