As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?
An IT security strategic plan must align with the company’s overall business goals to ensure that security supports and enhances organizational objectives.
Why Review the Business Plan First
Provides a clear understanding of organizational priorities, risks, and strategic directions.
Helps identify critical assets and processes that require security investment.
Comparison of Options
A. The existing IT environment: Important but secondary to aligning with business goals.
C. The present IT budget: Helps in resource allocation but doesn’t guide strategic alignment.
D. Other corporate technology trends: Relevant but less critical than the business plan.
EC-Council References
Strategic alignment is a core principle in EC-Council CISO guidance, ensuring security efforts support business resilience and growth.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit