This Issue's Dilemma:

Reporting stats to please the boss

Our executives like numbers. And heaven forbid we disappoint them … so here’s our plan: We want to collect software security data and put it into a report. That way, the executives will know what happens in our shop on a regular basis. For those of you who are already doing this, what do you measure and how is it monitored and present to executives? I’d appreciate any help your readers can give me.

-- Sam, Software Developer

* 1. Can you help? What's your best advice?

* 2. Would you like advice from your peers? Enter your question below. It may be chosen for a future issue.

* 3. To enter the drawing for a copy of Secure Programming with Static Analysis, by Brian Chess & Jacob West, a $49.95 value., please enter your contact information.

With your permission, responses may appear in a future issue, and may be edited for length and clarity

* 4. Please indicate your choice about using your answer, name and company in an upcoming issue.