Assess the quality of security controls, using performance indicators.

“Assess the quality of security controls, using performance indicators.” is a task performed by Information Security Engineers. Among the occupation's 20 rated tasks, workers place it 18th by importance (#3 most important). About 89% of workers say it is relevant to their job.

This is a single occupation-specific task statement from O*NET. The figures below describe how central the task is to the job and what independent studies measure about AI and this kind of work — not a prediction that the task will be automated.

Work activities this task rolls up to

O*NET groups concrete tasks into broader work activities shared across many occupations.

• Evaluate the characteristics, usefulness, or performance of products or technologies. in Judging the Qualities of Objects, Services, or People

AI exposure

The OpenAI / Eloundou “GPTs are GPTs” study rates this task E2. Exposure with tools — software built on top of a language model (not the model alone) could cut the time by at least half.

Exposure measures whether a model could meaningfully speed the task up — it is an estimate of overlap with model capabilities, not a measure of whether the work will be done by software. The study's intermediate score (β) for this task is 0.50. Automation potential label: T2.

Other tasks in this occupation

• Identify security system weaknesses, using penetration tests. · importance 4.6
• Coordinate monitoring of networks or systems for security breaches or intrusions. · importance 4.4
• Scan networks, using vulnerability assessment tools to identify vulnerabilities. · importance 4.3
• Train staff on, and oversee the use of, information security standards, policies, and best practices. · importance 4.3
• Develop response and recovery strategies for security breaches. · importance 4.3
• Conduct investigations of information security breaches to identify vulnerabilities and evaluate the damage. · importance 4.2
• Develop or install software, such as firewalls and data encryption programs, to protect sensitive information. · importance 4.1
• Oversee development of plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure or to meet emergency data processing needs. · importance 4.1
• Develop information security standards and best practices. · importance 3.9
• Identify or implement solutions to information security problems. · importance 3.9
• Recommend information security enhancements to management. · importance 3.9
• Oversee performance of risk assessment or execution of system tests to ensure the functioning of data processing activities or security measures. · importance 3.9
• Coordinate vulnerability assessments or analysis of information security systems. · importance 3.8
• Review security assessments for computing environments or check for compliance with cybersecurity standards and regulations. · importance 3.8

See all tasks on the Information Security Engineers page.

Sources for this page

Every figure above traces to a named public dataset and the exact release below — not hand-written opinion. See the full methodology for what each measure does and does not mean.

• O*NET 30.3 U.S. Department of Labor / National Center for O*NET Development
• “GPTs are GPTs” (Eloundou et al.) arXiv 2303.10130 OpenAI / academic

Data compiled June 2, 2026. Figures are estimates, not advice.

@misc{singulariki-task-21766,
  title  = {Assess the quality of security controls, using performance indicators.},
  author = {{Singulariki}},
  year   = {2026},
  note   = {O*NET 30.3; “GPTs are GPTs” (Eloundou et al.) arXiv 2303.10130. Accessed June 7, 2026},
  url    = {https://singulariki.com/tasks/task-21766}
}