for TAO Members
This Blueprint will help you:
- Understand current security practice capabilities and performance.
- Understand your security obligations, scope, boundaries, and responsibilities.
- Establish a security target state based on your organizational context.
- Develop a strategy and roadmap to help you achieve your security target state.
Research & Tools
Read the Executive Brief
Read our concise Executive Brief to find out why you should build an information security strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.
1. Assess security requirements
Define the business, customer, and compliance alignment for the security program, and determine the organization’s security pressure risk tolerance.
2. Build a gap initiative strategy
Use our best-of-breed security framework to perform a gap analysis between current and target states, and define security goals and duties.
3. Prioritize initiatives and create roadmap
Synthesize the gap analysis into a list of actionable security initiatives, and prioritize these based on cost, effort, security benefit, and alignment with business demands.
4. Execute and maintain
Learn to use Info-Tech’s methodology to manage security projects on the go, and identify resources that will help execute the strategy successfully.