Gap Analysis

In a Gap Analysis, the term used to describe the difference between the current state of security measures and the desired state outlined in the security policy is security delta.

Explanation:

• Gap Analysis: This is a methodical assessment that identifies the difference (or gap) between the current state (where things are now) and the desired state (where you want things to be) in various aspects of an organization, including security.

• Security Delta: In the context of security gap analysis, "delta" refers to the difference or gap between the current security posture and the target security posture defined in the security policy. It represents the measures or actions needed to bridge this gap and achieve the desired security goals.

Other Terms Explained:

• Security draft: This term typically refers to an early version or preliminary document of a security policy or plan, not specifically used in the context of gap analysis.

• Security discrepancy: While this term could imply a difference or inconsistency, "delta" is more commonly used in the specific context of gap analysis to denote the magnitude or extent of the difference.

• Security dividend: This term generally refers to the benefits or returns gained from investments in security measures, rather than describing a gap or difference in security states.

Therefore, security delta is the correct term used in Gap Analysis to describe the difference between the current and desired states of security measures outlined in a security policy.