LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Certified Information Systems Auditor (CISA) Cert Prep

Unlock this course with a free trial

Join today to access over 24,100 courses taught by industry experts.

Information security strategy

Information security strategy

From the course: Certified Information Systems Auditor (CISA) Cert Prep

Start my 1-month free trial Buy for my team

Information security strategy

“

- [Instructor] Now moving right along, let's go ahead and take a look at strategic planning. So this is a critical part of what our governing entities do for us, is they help us take those stakeholder needs, goals and objectives and turn them into strategy. So we've got a definition here from ISACA, which is obviously very relevant since ISACA oversees the CISA exam. So in information security and risk management, so you hear ISRM all the time, provides an organization with a roadmap. So a general direction, not every little specific step along the way, but if I'm going from North Carolina to California, I'm going to get on I-40 and I'm going to drive on I-40 through a bunch of states. But not every little step, every little speed limit, every little exit. So strategy's going to be broad, right? And it's going to have the goals and objectives to make sure that we align our information security program to the business goals of the organization, right? And that's everything. That's what…

Contents