In this paper authors have developed a method for Computer Security Incident Response Team (CSIRT) performance evaluation, which is implemented in the following stages: determining the performance of the CSIRT, defining the Key Performance Indicators (KPI), building a panel of indicators. The developed method can be used to monitor, manage, analyze and enhance the effectiveness of the CSIRT in critical information infrastructure as well as in common (general) information and communication

more »

... s. The experimental study of developed method realization for domestic cellular provider was also presented. Given results can be useful for information security audit of company, region or state. Method and the tools based on it will be useful to the leaders of the cyber incident response centers for monitoring, analyzing, assessing and managing the effectiveness of the CSIRT. The developed method can be applied to any company or government agency in order to increase both the level of information security and the efficiency of the work of the employee, department and organization as a whole.