LDR 551_Book 5 Flashcards

1
Q

What is the title of the paper by Sundaramurthy, Sathya Chandran, et al.?

A

A Human Capital Model for Mitigating Security Analyst Burnout

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What method did researchers use to study SOC analyst burnout?

A

Anthropological study

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the main conclusion of the study on SOC burnout?

A

Burnout is a human capital management problem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What did the researchers identify as connecting factors affecting analyst morale?

A

Multiple vicious cycles

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the core model developed by the researchers called?

A

Human capital model for mitigating security analyst burnout

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the four factors in the SOC human capital model?

A

Growth, Skills, Empowerment, Creativity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What happens if one factor in the SOC human capital model trends negatively?

A

Leads to a vicious cycle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the key driver of growth in the SOC human capital model?

A

Variety in job tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What should be used to eliminate mundane work in SOCs?

A

Automation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How are skills defined in the SOC human capital model?

A

Development and continuous improvement of analysts’ skill-set

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What can cause analysts to look externally for new opportunities?

A

Skills no longer growing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Sources of WSO Training

A

On-the-job experiences, peer-directed, formal training

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Purpose of on-the-job training

A

Honing skills through daily experiences

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Examples of on-the-job training

A

Tabletop exercises, Purple Team exercises, penetration testing, Red Teaming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Key driver of analyst empowerment

A

Trust in SOC skills

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Definition of empowerment

A

Analysts can do their job efficiently

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Common problems in empowerment

A

New teams, politics, past mistakes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Recommended action for empowerment

A

Slowly build trust with peer-reviewed process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Definition of creativity

A

Ability to handle novel operational scenarios

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Key driver of creativity

A

Empowerment to solve challenges uniquely

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Common problems in creativity

A

Over-prescribed procedures, lack of time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Recommended action for creativity

A

Free time for improvements, encourage learning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Purpose of reflection in SOC

A

Review procedures to find bottlenecks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Purpose of automation in SOC

A

Eliminate repetitive tasks, improve efficiency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Tools for operational efficiency

A

SOAR, EDR, SIEM, scripts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is the goal of finding repetitive tasks?

A

To automate tasks using scripts, SIEM, EDR, or SOAR.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

How does automation affect analysts’ morale and creativity?

A

Improves morale and provides a creative outlet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What happens when analysts develop new automated tasks?

A

Their job becomes easier.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

What is the bi-directional connection noted by researchers?

A

Operational efficiency and job satisfaction.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

How does human capital affect operational efficiency?

A

Skilled analysts make operations efficient.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

How does automation impact operations?

A

Accelerates operations, especially repetitive tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What influence does operational efficiency have on analysts?

A

Creates a positive influence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Why are metrics crucial for SOC?

A

Communicate SOC’s value and ROI to management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What can happen if bad metrics are used?

A

Can create falsely low perception.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

How does improved operational efficiency affect metrics?

A

Improves consistency and shortens response times.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What happens when SOC perception improves?

A

Budget stays flowing or increases.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

What is the most important feedback loop for SOC?

A

Management support fed by SOC metrics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

What was hard to define according to researchers?

A

Good, representative, operational metrics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

When are analysts more receptive to feedback?

A

When they believe in the metrics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

What should metrics show besides incident data?

A

Meaningful effort by the SOC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

What is the negative effect of bad metrics?

A

Masks problems and leads to negative consequences.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

What can result from analysts being overburdened?

A

Burnout due to overwork.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What is a focus area for new analysts to prevent burnout?

A

Growth and skills development.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

What should be the biggest focus areas for new analysts?

A

Growth and skills

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

What happens if new analysts max out their capabilities quickly?

A

They won’t stay long

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

How should new analysts’ learning be paced?

A

As fast as they can handle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

When should new tasks be added for new analysts?

A

As soon as they master current tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

What indicates it’s time to push new analysts toward new tasks?

A

When they look bored or “cherry pick” alerts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

What types of training should be provided to new analysts?

A

On-the-job, peer-led, and formal training

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

What is the goal of the training for new analysts?

A

To reach tier 2 level quickly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

What should never happen to experienced analysts?

A

Finding the “ceiling” of learning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

What should be provided if no one is left to train experienced analysts?

A

Additional outside training

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

How can creativity help experienced analysts?

A

By creating new and difficult challenges

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

What should experienced analysts be given to leverage their skills?

A

Vague descriptions and autonomy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

What should be done to leverage experienced analysts’ power?

A

Assign new tools, automation, improvements

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

How should tasks be geared for optimal growth?

A

Toward the edge of their capabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

What state do tasks at the edge of capabilities induce?

A

Flow state

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

What is essential for understanding employees’ capabilities?

A

Regular one-on-one meetings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

What is “Deep Work”?

A

Distraction-free concentration pushing cognitive limits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

What has exponentially increased in corporate communications over the last few decades?

A

Email communications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

What has replaced or augmented email in recent years for real-time communication?

A

Slack, Teams, and other chat platforms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

What problem do new collaboration tools introduce despite addressing email issues?

A

Interrupting deep work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

How often do employees who use Slack check their channels on average?

A

Once every five minutes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

What is a significant challenge in a dynamic SOC environment?

A

Maintaining focus while context-switching

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

What do neuroscientists and psychologists say about our attention?

A

It is fundamentally single-tasked

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

What must be given to minimize burnout and keep people in their “flow channel”?

A

Time and space for deep work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

What is the goal in promoting deep work?

A

Reduce or eliminate shallow work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

What percentage of time did a SOC team spend on shallow work in a recent consulting engagement?

A

About 70%

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

What should SOC tools and processes promote?

A

Deep work by leaving room for focus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

What model is useful for understanding human behavior in performance management?

A

Thomas Gilbert’s Behavior Engineering Model (BEM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

What should managers consider when an employee is not meeting expectations?

A

Both environment and individual motivations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

What are the three external factors in the BEM?

A

Data, Resources, Incentives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

What are the three internal factors in the BEM?

A

Knowledge, Capacity, Motives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

What is crucial for staff retention and burnout mitigation?

A

Optimize for growth, skills, empowerment, and creativity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

What is beneficial for both the organization and team mental health?

A

Good organizational practices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

What can prevent people who enjoy their work from having a bad experience?

A

Effective techniques

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

What can help save good talent if employees aren’t interested in their job?

A

Job rotations to other groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

What can minimize factors that influence burnout?

A

Commitment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

What is culture according to Ben Horowitz?

A

How your team makes decisions when you’re not there

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

What should you do to build the SOC culture you want?

A

Know yourself and your limitations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

What should you provide to encourage desired behaviors and decisions?

A

Constructive feedback

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

What is the first step in building a better team culture?

A

Define and communicate your values

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

What should you gather to ensure your culture is moving in the right direction?

A

Metrics like turnover and retention rates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

What can higher-than-usual turnover indicate?

A

You may have a culture problem.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

What should you be open to from your team to build trust?

A

Criticism and feedback.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

What should you examine in the context of team values?

A

Your own mistakes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

What is building a positive culture described as?

A

An iterative process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

What is culture compared to in its cyclical nature?

A

Human capital.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

What are signs you have a culture problem?

A

High turnover, failing priorities, shocking actions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

Who are the possible culture-breaking personality types?

A

The Heretic, The Flake, The Jerk, The Prophet of Rage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

What might indicate a culture problem despite good processes and people?

A

Team not operating at a high level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

What are signs your team may be off track?

A

High turnover, low satisfaction, shocking actions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q

What should you do if a team member surprises you with bad behavior?

A

Investigate whether it’s an aberration or pattern.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q

What might you need to do with disruptive team members?

A

Identify and take action.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q

What are common failures in building a positive team culture?

A

Not correcting behaviors, negative incentives, poor communication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q

What is a manager’s job in terms of team expectations?

A

Manage expectations and highlight risks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
97
Q

What is “management debt”?

A

Convenient solutions causing long-term issues.

98
Q

What is management debt?

A

Incurring too much management debt can result in management bankruptcy.

99
Q

Name common forms of management debt.

A

Two in the box, matching offers, lacking performance management, disliked tasks.

100
Q

What is the risk of promoting two co-leads?

A

Confusion about roles and responsibilities.

101
Q

What happens when an analyst gets a higher offer elsewhere?

A

Morale dips and retention problems increase.

102
Q

Why should matching offers be a temporary solution?

A

It is not a long-term retention strategy.

103
Q

Why might teams lack formal performance management processes?

A

To avoid becoming “too corporate.”

104
Q

What is the consequence of no performance management?

A

Performance suffers, and issues are unidentified.

105
Q

Why is constructive feedback necessary?

A

To maintain performance, even in high-performing teams.

106
Q

What is a common issue with keeping people on tasks they dislike?

A

They may leave, taking key knowledge with them.

107
Q

What is essential for building a positive SOC culture?

A

Constant attention, iteration, and communication

108
Q

Who can be your best allies in building SOC culture?

A

Human resources, benefits managers, finance team

109
Q

What should you do with culture-breaking behaviors?

A

Address them quickly and decisively

110
Q

What must you have to resolve management debt?

A

A plan to resolve it at the first opportunity

111
Q

What is essential to show SOC ROI and justify budget?

A

Getting SOC metrics right

112
Q

What famous quote by Peter Drucker is mentioned about metrics?

A

You cannot manage what you cannot measure

113
Q

Why are SOC metrics challenging yet crucial?

A

They show ROI, justify budget, and validate operations

114
Q

What is the goal of the metrics module?

A

To derive useful metrics tied to SOC objectives

115
Q

What is the OKR system and who invented it?

A

Objectives and Key Results, invented by Andrew Grove

116
Q

What book discusses separating “important” from “urgent”?

A

The 4 Disciplines of Execution

117
Q

What is the purpose of the book “Measure What Matters”?

A

To lay out the OKR system.

118
Q

What does the book “The 4 Disciplines of Execution” focus on?

A

Setting priorities and ensuring follow-through.

119
Q

What are the two main activities of a SOC?

A

Ops and improvements.

120
Q

What is the purpose of metrics in a SOC?

A

To measure a business process.

121
Q

What is a metric?

A

A tool used to measure something.

122
Q

What is a KPI?

A

A tool to track key area performance.

123
Q

What additional component does a KPI have compared to a metric?

A

Target/Threshold Value.

124
Q

What is the goal of a KPI?

A

To maintain the status quo.

125
Q

What is the difference between a metric and a KPI?

A

KPIs include target values.

126
Q

What do car dashboard gauges represent?

A

Calculations of some metric with current value

127
Q

What additional feature do dashboard gauges usually include?

A

Bounds of “normal”

128
Q

Why are oil temperature and pressure gauges considered KPIs?

A

Show if temperature/pressure is too high/low

129
Q

What do metrics with bounds and thresholds indicate?

A

Ongoing processes needing action if exceeded

130
Q

What is an example of an objective in OKRs?

A

Minimize successful phishing

131
Q

What defines key results in OKRs?

A

Specific, measurable progress indicators

132
Q

What is an example of a key result for minimizing phishing?

A

Fewer than five phishing infections per week

133
Q

What components are required for a key result?

A

Metric, current value, target value, start value

134
Q

How are key results different from KPIs?

A

Temporary for new initiatives, not daily measures

135
Q

What is the purpose of KPIs?

A

Continual measure of daily operations

136
Q

How can OKRs help when KPIs are out of line?

A

Develop objectives and key results to fix issues

137
Q

What do daily operations KPIs measure?

A

Business as usual processes

138
Q

What do OKRs measure in SOC goals?

A

Improvements and initiatives

139
Q

What question do KPIs answer?

A

Are we operating as expected?

140
Q

What is the role of OKRs according to Perdoo?

A

Define and measure initiatives for key results

141
Q

What is the source of the SOC-centric chart modification?

A

Perdoo’s blog post on OKRs and KPIs

142
Q

What are the first two steps in the SOC process overview?

A

Collect Goals, Clarify Meaning

143
Q

What is the purpose of metrics in security cases?

A

Drive decisions or demonstrate value

144
Q

What should metrics for a managed service SOC reflect?

A

Alerts handled, incidents reported, customer interactions closed

145
Q

What should metrics for a national or HQ-level SOC focus on?

A

Campaign analysis, intelligence from subordinate SOCs

146
Q

What does a problem well-stated represent?

A

A problem half solved

147
Q

What is a key aspect of successful metrics?

A

Top-down derived metrics for goal alignment

148
Q

What system is mentioned for goal alignment in metrics?

A

Goal Question Metric (GQM)

149
Q

What technique helps guarantee the usefulness of a metric?

A

Tie the collection to a “why”

150
Q

What is the Goal Question Metric (GQM) system?

A

System for deriving metrics from goals

151
Q

What are the three steps in the GQM system?

A

Decide goals, questions, and needed data

152
Q

What makes a metric useful according to GQM?

A

It answers a question about meeting objectives

153
Q

What is the first step in bringing metric information to an organization?

A

Categorizing the data you have or want

154
Q

What should you do if you want to improve your current metrics?

A

Start with collecting additional metrics

155
Q

What are the four criteria for a good metric according to Andrew Jaquith?

A

Consistently measured, cheap, cardinal, unit-based

156
Q

What is a bad metric according to Andrew Jaquith?

A

Metrics relying on human judgment without strict guidelines

157
Q

Why is the frequency of metrics production important?

A

Minimize delay between measurement and reaction

158
Q

What is the OODA loop?

A

Observe, Orient, Decide, Act

159
Q

How should you match your metrics sample rate?

A

To the rate of what you’re measuring

160
Q

What happens without frequent measurements?

A

Signs of being off track may go unnoticed

161
Q

How should good metrics be gathered?

A

Effortlessly, automated, short timescale

162
Q

What is the goal of quick-moving metrics?

A

Minimize delay between measurement and reaction

163
Q

What is an example of a poor sampling rate?

A

Checking for spam email waves once a day

164
Q

How should KPIs be documented?

A

With measure, target/threshold, source, frequency

165
Q

What should the frequency of sampling be compared to?

A

Rate of the event occurring

166
Q

What should you document in an organized database?

A

KPIs and metrics

167
Q

What fields should you track for metrics?

A

Measure, Target/Threshold, Source, Frequency

168
Q

What question should you ask when identifying KPIs?

A

What does “operating as normal” mean?

169
Q

What are examples of “as normal” targets?

A

Customer requirements, SOC goals, history

170
Q

What do daily operational measures provide?

A

Context by limits and thresholds

171
Q

What should you consider for daily operational measures?

A

Define “business as usual” or “operating as normal”

172
Q

What might define “normal” for SOC?

A

Telemetry, alert queue, incidents, work backlog

173
Q

Where might the definition of “normal” come from?

A

Externally defined or historical data

174
Q

What is important for MSSPs regarding “operating as normal”?

A

Hitting SLAs or key promises

175
Q

What is a hard goal for internal SOC measures?

A

99.9% of active assets reporting security data

176
Q

What should you do if a numeric goal is hard to define?

A

Look for anomalies based on history

177
Q

What makes a metric a candidate for a KPI?

A

Key area of operation needing monitoring

178
Q

What should be done with key data on a dashboard?

A

Ensure they stay within correct parameters

179
Q

What do operational metrics and KPIs represent?

A

Key data available on a near-constant basis

180
Q

What should you consider when choosing SOC metrics?

A

Each stage of the SOC process

181
Q

What defines “normal” for collection and triage?

A

Potential metrics and KPIs

182
Q

What are we looking for in metrics and KPIs?

A

Goal-aligned, clear, convenient measures

183
Q

What should metrics help the team do?

A

Monitor for issues or answer questions

184
Q

How should improvement goals be written?

A

Objectives with specific and quantifiable key results

185
Q

What should objectives and key results clarify?

A

End state, actions, success measurement

186
Q

What is the purpose of Key Results in OKRs?

A

Measure if objectives are successfully met

187
Q

What should happen to phishing-based incidents as a Key Result example?

A

Drop to below five per week

188
Q

Why is breaking down projects important?

A

Clarifies how initiatives tie to objectives

189
Q

What should you do if key results aren’t materializing?

A

Replace or re-evaluate the initiative

190
Q

What is the purpose of monitoring KPIs?

A

Detect anomalies and “out of normal” events

191
Q

What should you do if an initiative doesn’t move the key results?

A

Try a new approach or identify why

192
Q

What is the next challenge after defining OKRs and KPIs?

A

Tackle both operational tasks and improvements

193
Q

Why are people drawn to operational tasks?

A

Seen as the most immediate and important need

194
Q

What is the risk of focusing only on day-to-day tasks?

A

Potentially at the cost of long-term improvement

195
Q

What is the purpose of the 4 Disciplines of Execution (4DX)?

A

Drive continuous improvement and avoid daily firefighting

196
Q

What is the first principle of 4DX?

A

Focus on the Wildly Important Goal (WIG)

197
Q

What is a WIG according to 4DX?

A

Most important objective needing special attention

198
Q

How do you define a WIG?

A

Identify starting line, finish line, and deadline

199
Q

What does SOC stand for?

A

Security Operations Center

200
Q

What is the Eisenhower Matrix used for?

A

Ranking tasks by urgency and importance

201
Q

What should you prioritize according to the Eisenhower Matrix?

A

Non-urgent and important tasks

202
Q

What is the key insight from this section?

A

Delaying urgent, unimportant tasks for important ones

203
Q

What is the focusing question from “The ONE Thing”?

A

What’s the ONE Thing you can do to make everything else easier or unnecessary?

204
Q

What is the theory of constraints?

A

Methodology to improve system performance by addressing bottlenecks

205
Q

How do you identify a bottleneck in a system?

A

Look for the step with the lowest bandwidth where items pile up

206
Q

What is the only way to improve a system according to the theory of constraints?

A

Increase throughput at the bottleneck

207
Q

Where should you take measurements in a process?

A

At every useful stage of the process

208
Q

What are lead measures?

A

Metrics that track activities driving a goal

209
Q

What are lag measures?

A

Metrics that track the success of a goal

210
Q

What is a lag measure?

A

A metric measuring past events

211
Q

Why aren’t lag measures often the best metrics?

A

They lack predictive power

212
Q

What is a lead measure?

A

Metrics measuring process inputs

213
Q

Why do lead measures have predictive power?

A

They measure process inputs determining outputs

214
Q

What matters most in achieving goals according to 4DX?

A

Controlling lead measures

215
Q

What is an example of a lag measure in weight loss?

A

Weight on the scale

216
Q

Why doesn’t tracking weight help achieve weight loss?

A

It only shows past results

217
Q

What are examples of lead measures in weight loss?

A

Diet and exercise

218
Q

What happens when inputs are controlled?

A

Outputs must follow

219
Q

What is the third principle in 4DX?

A

Keeping a compelling scoreboard

220
Q

What is a compelling scoreboard in 4DX?

A

A player-centric progress view

221
Q

Why is a scoreboard important in 4DX?

A

Creates engagement and focus

222
Q

What is the fourth principle in 4DX?

A

Creating a cadence of accountability

223
Q

What are the three questions in a commitments report?

A

Did I meet commitments? Did they move the scoreboard? What will I commit to?

224
Q

Why are people more likely to commit to their own ideas?

A

Autonomy and creativity

225
Q

What drives morale and engagement in 4DX?

A

Seeing positive impact on WIG

226
Q

What are the two key ideas behind 4DX’s success?

A

Creating a winnable game, facilitating engagement

227
Q

Why are employees more likely to respect deadlines they set themselves?

A

They feel more ownership and responsibility.

228
Q

What effect do personal commitments between teammates have?

A

They feel like personal promises.

229
Q

What does the 4DX system allow teammates to see?

A

Positive impact of their actions.

230
Q

What is the goal of the 4DX system?

A

Set team on a course to success.

231
Q

What are metrics?

A

Measurements with a current value.

232
Q

What are KPIs?

A

Measurements plus a target/threshold.

233
Q

What are OKRs?

A

Measurements plus a defined start, end, current value.

234
Q

What does the 4DX process emphasize?

A

Finding and focusing on WIG.

235
Q

What should you consider when creating good metrics?

A

Problems you’re trying to solve.

236
Q

What is the goal of metrics for projects?

A

Define how close you are to completing.

237
Q

What does the OKR system help with?

A

Separating the goal, actions, and measures.

238
Q

What challenge exists beyond measuring improvement projects?

A

Validating people take time to work on them.

239
Q

What system helps confirm execution on initiatives?

A

The 4 Disciplines of Execution (4DX).

240
Q

What does the 4DX system create?

A

A winnable game.

241
Q

What is reflected in the improvement of daily metrics?

A

Effectiveness of the SOC and ROI.

242
Q

What is the key concept in information security discussed in the text?

A

Prioritization.