50 Information Technology Metrics
John Spacey, updated on March 21, 2021
Information technology metrics are techniques for measuring technology investments, productivity, execution, quality, risk and compliance. The following are common IT metrics.
Budget VarianceBudget variance for a department, team or project typically expressed as a percentage of budget.
Capability RateA capability rate is a type of metric that is produced by mapping business entities such as products to technical capabilities such as ecommerce, customer relationship management, self service or billing. For example, the percentage of your products that are available on your ecommerce channel.
Change Request Cycle TimeChange request cycle time is the average time between work-start and successful launch of a change request.
Change Success RateThe percentage of change requests that are successful at first launch.
Customer Satisfaction RateCustomer Satisfaction Rate is a rating of client satisfaction with IT activities such as programs, projects, service requests, change requests and operations. It is common for clients to be provided regular opportunities to give feedback with a direct question such as "how satisfied were you with the handling of this change request?"
Defect DensityThe number of defects for a service, application or software component expressed as a rate. For example, defects per thousand lines of code.
Defect Resolution RateThe percentage of defects that have been resolved. Often measured for a project.
First Response TimeA service desk metric that measures how long it takes to get a meaningful response to a service request other than a generic auto-reply.
Function PointsFunction points are a metric of software complexity that generally correspond to a functional requirement.
IncidentsAn incident is a negative event such as a failure. Incidents are typically reported as monthly totals by severity.
Information Security ScoresA regular security evaluation may be performed on platforms, services, processes and applications. These typically produce a score with three to five security levels that have clear definitions.
It OverheadTotal IT spend for a period expressed as a percentage of revenue. Useful for benchmarking against an industry or competitor.
It Risk ScoreIT risk management evaluations that produce a risk score typically calculated as impact × probability.
It Security Training RateInformation security incidents are often influenced by human factors. As such, information security awareness training is a common practice that is tracked by percentage of employees who have completed training in the past year.
Legacy RateThe percentage of platforms and systems that are currently considered legacy including factors such as out-of-support components. In some cases, an annual IT health check produces a more detailed risk assessment for each major application.
Lines Of CodeThe lines of source code in a software component is a commonly used approximation of software complexity. This has a wide variety of uses such as measuring software development productivity with a metric such as lines of code per day per developer.
Mean Defect AgeThe average age of unresolved defects for a project or change request.
Mean Time Between FailuresMean Time Between Failures for platforms, services, applications and devices is an indicator of availability and stability.
Mean Time To RecoveryThe average time for a platform, service, application or device to recover from failure. A similar term, Mean Time To Repair (MTTR) has much the same meaning. Recovery is a widely preferred term because modern platforms often recover automatically from an incident without need of repairs.
Noncompliance EventsThe number of incidents that have compliance implications such as information privacy incidents. In many cases, certain types of incidents must be reported to regulatory bodies or customers. Compliance sensitive incidents is a common metric for corporate and IT governance reporting.
On Time Delivery RateThe percentage of change requests, service requests or projects that are delivered to committed dates.
Outstanding DefectsThe total unresolved defects for a project or change request.
Page SpeedThe speed of services such as average load time for pages.
Patch LatencyThe average time between availability of a patch and its deployment across your IT portfolio. Considered an information security metric.
Patch RateThe percentage of platforms, services, applications or components that are patched to the current recommended level.
Payback PeriodThe period of time, often in months, that it takes an IT investment to reach break-even.
Planned Downtime RateThe amount of planned downtime in a month as a total by service or average for all services.
ProblemsThe current number of known problems by severity.
Process Cycle TimeThe average time for key processes such as order-to-delivery to complete.
Process ErrorsThe number of process errors that have a technology or data quality root cause.
Project Cycle TimeThe average time between project releases. Particularly relevant in an agile environment when teams may be expected to launch new functionality every few weeks.
Quality RateThe percentage of test cases that pass on the first test for a project or change request. May exclude regression tests.
Resource UtilizationHow IT employees spend their time broken down by categories such as project work, system administration, change requests and incident response.
Return On InvestmentReturn On Investment is the sum of future cash flows generated by an IT investment expressed as a percentage of investment cost.
Schedule VarianceHow close each project is to meeting its dates.
Security Incident CountTotal security incidents by severity.
Security Management RateAn organization may define levels of security management and report the percentage of services, process and applications at each level.
Security OverheadThe cost of information security expressed as a percentage of revenue.
Service AvailabilityUptime for a service expressed as a percentage of time. In some cases, only core service hours are counted when a service isn't 24/7. Uptime targets are often expressed in all nines such as 99.99% and 99.999% these are known as four nines and five nines respectively.
Service DowntimeThe opposite of service availability, often expressed in downtime minutes.
Service OverheadThe total annual cost for a service expressed as a percentage of revenue for an organization or business unit.
Service Request BacklogThe current number of open service requests.
Service Requests CompletedThe service requests completed in a period of time.
Service Satisfaction RateClients are typically provided an opportunity to rate their satisfaction with each service request. This often feeds into performance management of service desk teams and representatives.
Service ScalabilityTotal available capacity divided by current peak capacity. If your total capacity relies on a third party cloud platform the total available capacity may be meaningless or unknown. However, in some cases it makes sense to use your reserved instances as total capacity.
Service ProductivityMetrics that measure business usage of a service such as percentage of users who use the service on an average business day or number of business transactions processed. It is also common to capture productivity with dollar amounts such as the revenue generated by an ecommerce platform or deals handled by a sales system.
Sla Compliance RateA measure of compliance to service level agreements such as total violations in a month.
Time To MarketThe average time to develop new IT services from concept to launch. Time to market is traditionally a marketing metric that is used to manage new product development.
Time To ResolutionThe average time to resolve incidents often reported by severity.
Use Case PointsA software estimation metric that is calculated by evaluating the business and technical complexity of each use case.
Information Technology MetricsThis is the complete list of articles we have written about information technology metrics.
If you enjoyed this page, please consider bookmarking Simplicable.
The overview of lines of code as a metric.
An overview of estimating with story points including planning poker.
TrendingThe most popular articles on Simplicable in the past day. Recent posts or updates on Simplicable.