Build an Information Security Strategy
Align the information security strategy to organizational goals and risks to create value.
Book This WorkshopAvoid:
- Building a misaligned security program.
- Investing too little or too much in the security program.
- Missing key people, process or technology controls your organization needs to stay safe.
Build a comprehensive security program that:
- Aligns to organizational goals.
- Focuses on mitigating organizational risks.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Book NowModule 1: Assess Business Requirements
The Purpose
- Assess business requirements.
Key Benefits Achieved
- Identify security program alignment criteria.
Activities: | Outputs: | |
---|---|---|
1.1 | Understand business and IT strategy and plans. |
|
1.2 | Define business and compliance requirements. |
|
1.3 | Establish the security program scope. |
|
1.4 | Analyze the organization’s risks and stakeholder pressures. |
|
1.5 | Assess organizational risk appetite. |
|
Module 2: Perform a Gap Analysis
The Purpose
- Perform a gap analysis.
Key Benefits Achieved
- Define the program's target state.
- Assess the organization's current state.
Activities: | Outputs: | |
---|---|---|
2.1 | Define program target state. |
|
2.2 | Assess current security capabilities. |
|
2.3 | Identify security gaps. |
|
2.4 | Build initiatives to bridge the gaps. |
|
Module 3: Complete the Gap Analysis
The Purpose
- Complete the gap analysis.
Key Benefits Achieved
- Security program improvement tasks and initiatives
Activities: | Outputs: | |
---|---|---|
3.1 | Continue assessing security capabilities. |
|
3.2 | Identify security gaps. |
|
3.3 | Build task list. |
|
3.4 | Build initiatives list. |
|
Module 4: Develop the Roadmap
The Purpose
- Develop the roadmap.
Key Benefits Achieved
- Security program roadmap
- Communication resources
Activities: | Outputs: | |
---|---|---|
4.1 | Conduct cost-benefit analysis. |
|
4.2 | Prioritize initiatives. |
|
4.3 | Discuss resourcing and accountability. |
|
4.4 | Finalize security roadmap. |
|
4.5 | Create communication plan. |
|
Module 5: Communicate and Implement
The Purpose
Finalize deliverables.
Key Benefits Achieved
Consolidate documentation into a finalized deliverable that can be used to present to executives and decision makers to achieve buy-in for the project.
Activities: | Outputs: | |
---|---|---|
5.1 | Support communication efforts. |
|
5.2 | Identify resources in support of priority initiatives. |
|