Color-coded ‘maps’ representing various views of the organization offer a straightforward way to compare the security performance of different parts, the eye naturally turning to the reds in this example.
The background map could be a physical/literal representation (e.g. the site layout) or a virtual representation (e.g. major business units or departments). If the organization already uses similar map-type pictures in other contexts, why not use them for information security too? It puts the audience on familiar territory.
The red-amber-green colors could represent different metrics or parameters, or perhaps successive time periods, in separate ‘overlays’. In practice, some text would help explain!