Information Security PRAGMATIC Metrics Training, Level I
1 Day


2023 DATE(s): for 2023 Dates or to schedule an onsite course (6 or more students required).

$495 Early Bird 
$645 Register after Early Bird

Conducted by International Computer Security Expert –
Krag Brotby CISM, CGEIT

About the InfoSec PRAGMATIC Metrics
Suite of Training Courses

The InfoSec (Information Security) PRAGMATIC Metrics Training, Level I is the beginning of the InfoSec PRAGMATICS Metrics Suite of Training Courses (Level I, Level II, and Level III). The InfoSec  PRAGMATIC Metrics Suite provides the ultimate how-to-do-it training for security metrics. This training suite is absolutely packed with helpful tips. The InfoSec PRAGMATIC Metrics Suite provides an environment where attendees learn how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics). After attending all three training classes, attendees will take away a process, approach, and a set of tools to develop a system of effective and meaningful measures that will enhance security and improve cost-effectiveness of any security program.

Why Attend this 1-day Live, Online Training?

The Information Security (InfoSec) PRAGMATIC Metrics Training, Level I begins the journey to learning about the essential guidelines necessary for dealing with security metrics. This very timely 1-day security boot camp covers real-time, accurate, and reliable metrics that are critical to every security program, regardless of size. It is packed with helpful tips.


No profession has ever achieved status and credibility prior to developing effective metrics showing cause and effect, providing reliable prognostication and delivering the information needed by various parts of the organization to make informed decisions. Information security is no different. While practitioners frequently lament the profession’s lack of standing with business executives, we continue to fail to provide credible answers to essential questions and reliable evidence for the value of our craft. Most of us only provide management with obscure technical measures that do little to provide needed answers, actionable information or comfort, let alone assurance.

Based on the published book by Auerbach and co-authored by Krag Brotby and Gary Hinson titled PRAGMATIC Security Metrics, this intensive metrics training suite is designed to provide a hands-on practical approach to developing, testing, and operating a set of metrics that actually support the business, providing management with the information needed to make crucial decisions on risk, security, control, assurance and governance.

While there are literally thousands of things that can be measured, the PRAGMATIC approach allows selection of the relatively few that are truly effective and provide a sound basis for making operational, management and strategic security decisions. This is accomplished utilizing a set of criteria defined by the PRAGMATIC acronym. A comprehensive set of maturity scales provide the measurements for each of the nine criteria resulting in a ranking to determine the optimal metrics options.


Attendees of the InfoSec PRAGMATICS Metrics Suite of Training Courses (Level I, II and III) will take away a process, approach and set of tools to develop a system of effective and meaningful measures that will enhance security and improve cost effectiveness of any security program.


This class is taught by renowned security expert and the author of the official ISACA CISM Review Manual:
Krag Brotby CISM, CGEIT

Krag is the ’go-to’ computer security expert for mastering the CISM exam. He has successfully trained thousands of CISM candidates over the past 16 years, preparing them for the very difficult official CISM Exam.

  • Author of the official ISACA CISM Review Manual since 2005.
  • Author of the CISM Glossary Document and the CRISC Glossary Document.
  • Served on the ISACA Security Practice Development Committee responsible for exam question development.
  • Edited the entire 1200 CISM sample question database, creating approximately 800 questions for the ISACA 2016 CISM QAE Book.
  • Taught CISM courses globally during the past decade including the US Pentagon, US Marine Corp, Navy, and the Army.
  • Frequent security expert practitioner/instructor at conferences globally and lectures on information security governance, metrics, information security management, GRC and CISM exam preparation throughout Oceana, Asia, Europe, the Middle East, and North America.

Read Full Bio


Pre-CLASS Reading

This course is based on the published book,
PRAGMATIC Security Metrics; Auerbach ’13,
co-authored by Krag Brotby and Gary Hinson.

As this course is based on the book, it is strongly recommended that attendees read the book prior to attending the online course for the most benefit.


  • Access to the online training class recording after the training is held.
  • The instructor’s actual classroom presentation slides.
  • Megamind Training Institute Certificate of Completion:

1-Day InfoSec PRAGMATIC Metrics Training, Level I (6 hours).


The InfoSec PRAGMATICS Metrics Suite of Training Courses (Level I, II and III) training is designed to help IS professionals that are struggling to make sense of security metrics, or searching for better metrics to manage and improve information security.

A must attend for: ISM, CISO, CIO, CRO, COO, auditors, security operations, senior, middle and junior management level’s. Anyone involved with information security would greatly benefit from this training.


Early registration is recommended.
To ensure admission, fees must be paid at the time of registration.




Attend this live, instructor-led online training from your own personal working environment — from your home or your office.


This class will be held 7:00AM-2:00PM (PT) except where noted.

There are two morning sessions and two afternoon sessions.

Each session is about 90 minutes long with a 15 minute break per session, and a 30 minute lunch break daily.


Pacific Time Zone:             7:00AM – 2:00PM
Mountain Time Zone:       8:00AM – 3:00PM
Central Time Zone:            9:00AM – 4:00PM
Eastern Time Zone:         10:00AM – 5:00PM
International Time Zones Vary According to Country

Refer to the World Time Zone Converter for your time zone:


Cancellations will be accepted up to 10 working days before the scheduled course. After that time, no refunds will be given but substitutions may be sent at any time or tuition may be applied to a future training class.

Megamind reserves the right to cancel or postpone
any scheduled training class.



2. PAY your TUITION using PayPal “Buy Now” below.

Class Dates:

You will receive a confirmation email after completing the registration form and payment.

Want to pay using a purchase order? Then fill out our online Registration form and we will contact you.

Want to request onsite training or learn more about IT training? Then drop us a note using our Contact form.