Number of IT FTEs that perform the process group "develop and implement security, privacy, and data protection controls" per $1 billion revenue
This measure calculates the number of IT full-time equivalent employees (FTEs) per $1 billion revenue that perform the process group "develop and implement security, privacy, and data protection controls," which consists of establishing information security, privacy, and data protection strategies and levels, along with testing, evaluating, and implementing information security, privacy, and data protection controls. It is part of a set of Supplemental Information measures that help companies evaluate additional variables not covered elsewhere for the "develop and implement security, privacy, and data protection controls" process.
Compute this Measure
Units for this measure are FTEs.
(Number of FTEs who perform the function "manage information technology" * Percentage of IT FTEs performing the process group "develop and implement security, privacy, and data protection controls" *.01) / (Total business entity revenue * 0.0000000010)
Total Annual Revenue/Net Revenue
Total annual revenue is net proceeds generated from the sale of products or services. This should reflect the selling price less any allowances such as quantity, discounts, rebates and returns. If your business entity is a support unit and therefore does not directly generate revenue, then provide the revenue amount for the units you support. For government/non-profit organizations, please use your non-pass-through budget. For insurance companies the total annual revenue is the total amount of direct written premiums, excluding net investment income. Note: Business entity revenue needs to only include inter-company business segment revenue when the transactions between those business segments are intended to reflect an arm's length transfer price and would therefore meet the regulatory requirements for external revenue reporting.
FTE - (full-time equivalent employee)
To calculate the number of full-time equivalents employed during the year for each respective process or activity, you must prorate the number of employees and the hours spent performing each process/activity. Assume that a full-time worker represents 40 hours per week. Provide the average number of full-time equivalents employed during the year for each respective process. Include full-time employees, part-time employees, and temporary workers hired during peak demand periods. Allocate only the portion of the employee's time that relates to or supports the activities identified for an applicable process. Prorate management and secretarial time by estimating the level of effort in support of each activity, by process.
For example, a part-time secretary in the finance department for XYZ, Inc. charges all of his time to finance department activities. He works 20 hours per week. The secretary splits his time evenly supporting employees working in the general accounting process and the financial reporting process. Thus, his time should be allocated by process. So, if he works throughout the year and supports these two processes, his time would be split evenly as:
20hrs/40hrs = .5FTE * 50% for general accounting = .25FTE for general accounting
20hrs/40hrs = .5FTE * 50% for financial reporting = .25FTE for financial reporting
Process efficiency represents how well a process converts its inputs into outputs. A process that converts 100% of the inputs into outputs without waste is more efficient than one that converts a similar amount of inputs into fewer outputs.