Home Domains Corporate Services Products Careers Contact Us   Services » IS Strategy The Information Security Strategy component of the Program requires that we work with our clients to understand the fundamental characteristics of their unique business environment so that a management framework for information security measures and activities can be developed. INFORMATION SECURITY STRATEGY PHASES:   Analyze the Operating Environment Conduct analysis to understand the organization’s variables within the political, industry, global, and organizational environments.   Create and Disseminate Policy Create a comprehensive set of policies required to align information security controls and activities with business goals and objectives.       Define IS Requirements Derive a set of information security requirements from policy and business goals and objectives to define a Target Security Environment for the organization. Define human resource requirements including roles and responsibilities. Define financial and budget requirements.   Develop Information Security Plan A roadmap of action that utilizes defined resources to achieve the identified Target Security Environment. Develop a Risk Management Plan that defines processes for accepting, mitigating, or transferring risk.   Communicate with Constituents Participate and exchange information with other business units within the enterprise. Develop a plan for communicating with executive management and all constituents. Define a plan for educating all constituents within the enterprise.   Information Security Overview Security Assessments Security Engineering IS Strategy Strategic Consulting Project Profiles Staffing Services Management Consulting Business Process Outsourcing Copyright © 2008 ACM Business Solutions LLC, All rights are reserved. Read Privacy Policy.