Start your security strategy with an introduction to security management and an understanding of business and IT plans. In this phase, you will:
- Learn about the role of security management.
- Link security goals to corporate and IT goals.
- Define your security obligations, scope, and boundaries.
- Determine the organization’s risk tolerance and its security pressure posture.
This will provide you the necessary requirements before assessing the current state of your entire program.