A-Z Popular Blog Top Search »
Technology Guides
Information Technology

Related Topics

It Management

Systems Technology

Information Security

Technology Management


Technology Culture

Artificial Intelligence

Low Technology


50 Information Technology Metrics

 , updated on
Information technology metrics are techniques for measuring technology investments, productivity, execution, quality, risk and compliance. The following are common IT metrics.

Budget Variance

Budget variance for a department, team or project typically expressed as a percentage of budget.

Capability Rate

A capability rate is a type of metric that is produced by mapping business entities such as products to technical capabilities such as ecommerce, customer relationship management, self service or billing. For example, the percentage of your products that are available on your ecommerce channel.

Change Request Cycle Time

Change request cycle time is the average time between work-start and successful launch of a change request.

Change Success Rate

The percentage of change requests that are successful at first launch.

Customer Satisfaction Rate

Customer Satisfaction Rate is a rating of client satisfaction with IT activities such as programs, projects, service requests, change requests and operations. It is common for clients to be provided regular opportunities to give feedback with a direct question such as "how satisfied were you with the handling of this change request?"

Defect Density

The number of defects for a service, application or software component expressed as a rate. For example, defects per thousand lines of code.

Defect Resolution Rate

The percentage of defects that have been resolved. Often measured for a project.

First Response Time

A service desk metric that measures how long it takes to get a meaningful response to a service request other than a generic auto-reply.

Function Points

Function points are a metric of software complexity that generally correspond to a functional requirement.


An incident is a negative event such as a failure. Incidents are typically reported as monthly totals by severity.

Information Security Scores

A regular security evaluation may be performed on platforms, services, processes and applications. These typically produce a score with three to five security levels that have clear definitions.

It Overhead

Total IT spend for a period expressed as a percentage of revenue. Useful for benchmarking against an industry or competitor.

It Risk Score

IT risk management evaluations that produce a risk score typically calculated as impact × probability.

It Security Training Rate

Information security incidents are often influenced by human factors. As such, information security awareness training is a common practice that is tracked by percentage of employees who have completed training in the past year.

Legacy Rate

The percentage of platforms and systems that are currently considered legacy including factors such as out-of-support components. In some cases, an annual IT health check produces a more detailed risk assessment for each major application.

Lines Of Code

The lines of source code in a software component is a commonly used approximation of software complexity. This has a wide variety of uses such as measuring software development productivity with a metric such as lines of code per day per developer.

Mean Defect Age

The average age of unresolved defects for a project or change request.

Mean Time Between Failures

Mean Time Between Failures for platforms, services, applications and devices is an indicator of availability and stability.

Mean Time To Recovery

The average time for a platform, service, application or device to recover from failure. A similar term, Mean Time To Repair (MTTR) has much the same meaning. Recovery is a widely preferred term because modern platforms often recover automatically from an incident without need of repairs.

Noncompliance Events

The number of incidents that have compliance implications such as information privacy incidents. In many cases, certain types of incidents must be reported to regulatory bodies or customers. Compliance sensitive incidents is a common metric for corporate and IT governance reporting.

On Time Delivery Rate

The percentage of change requests, service requests or projects that are delivered to committed dates.

Outstanding Defects

The total unresolved defects for a project or change request.

Page Speed

The speed of services such as average load time for pages.

Patch Latency

The average time between availability of a patch and its deployment across your IT portfolio. Considered an information security metric.

Patch Rate

The percentage of platforms, services, applications or components that are patched to the current recommended level.

Payback Period

The period of time, often in months, that it takes an IT investment to reach break-even.

Planned Downtime Rate

The amount of planned downtime in a month as a total by service or average for all services.


The current number of known problems by severity.

Process Cycle Time

The average time for key processes such as order-to-delivery to complete.

Process Errors

The number of process errors that have a technology or data quality root cause.

Project Cycle Time

The average time between project releases. Particularly relevant in an agile environment when teams may be expected to launch new functionality every few weeks.

Quality Rate

The percentage of test cases that pass on the first test for a project or change request. May exclude regression tests.

Resource Utilization

How IT employees spend their time broken down by categories such as project work, system administration, change requests and incident response.

Return On Investment

Return On Investment is the sum of future cash flows generated by an IT investment expressed as a percentage of investment cost.

Schedule Variance

How close each project is to meeting its dates.

Security Incident Count

Total security incidents by severity.

Security Management Rate

An organization may define levels of security management and report the percentage of services, process and applications at each level.

Security Overhead

The cost of information security expressed as a percentage of revenue.

Service Availability

Uptime for a service expressed as a percentage of time. In some cases, only core service hours are counted when a service isn't 24/7. Uptime targets are often expressed in all nines such as 99.99% and 99.999% these are known as four nines and five nines respectively.

Service Downtime

The opposite of service availability, often expressed in downtime minutes.

Service Overhead

The total annual cost for a service expressed as a percentage of revenue for an organization or business unit.

Service Request Backlog

The current number of open service requests.

Service Requests Completed

The service requests completed in a period of time.

Service Satisfaction Rate

Clients are typically provided an opportunity to rate their satisfaction with each service request. This often feeds into performance management of service desk teams and representatives.

Service Scalability

Total available capacity divided by current peak capacity. If your total capacity relies on a third party cloud platform the total available capacity may be meaningless or unknown. However, in some cases it makes sense to use your reserved instances as total capacity.

Service Productivity

Metrics that measure business usage of a service such as percentage of users who use the service on an average business day or number of business transactions processed. It is also common to capture productivity with dollar amounts such as the revenue generated by an ecommerce platform or deals handled by a sales system.

Sla Compliance Rate

A measure of compliance to service level agreements such as total violations in a month.

Time To Market

The average time to develop new IT services from concept to launch. Time to market is traditionally a marketing metric that is used to manage new product development.

Time To Resolution

The average time to resolve incidents often reported by severity.

Use Case Points

A software estimation metric that is calculated by evaluating the business and technical complexity of each use case.

Information Technology Metrics

This is the complete list of articles we have written about information technology metrics.
Capability Rate
Defect Density
IT Examples
Lines Of Code
Story Points
More ...
If you enjoyed this page, please consider bookmarking Simplicable.