Finalize your information security roadmap and action plan, and begin to implement the different outlined initiatives. Take advantage of existing deliverables, then complete the following:
- Create a security charter.
- Build the security program organizational structure.
- Create a change and communication plan.
- Develop a metrics program.
- Develop a security services catalog.
The conclusion of this phase and project will allow you to fully implement your security program and realize the program's benefits.