Security Strategy

Embed security thinking through aligning your security strategy to business goals and values.

The challenge

You may be experiencing one or more of the following:

  • You may not have sufficient security resources to handle all the challenges.
  • Security threats are prevalent. Yet many businesses struggle to embed systemic security thinking into their culture.
  • The need to move towards strategic planning of your security landscape is evident. How to get there is another matter.

Our advice


To have a successful information security strategy, take these three factors into account:

  • Holistic: your view must include people, processes, and technology.
  • Risk awareness: Base your strategy on the actual risk profile of your company. And then add the appropriate best practices.
  • Business-aligned: When your strategic security plan demonstrates alignment with the business goals and supports it, embedding will go much more straightforward.

Impact and results 

  • We have developed a highly effective approach to creating your security strategy. We tested and refined this for more than seven years with hundreds of different organizations.
  • We ensure alignment with business objectives.
  • We assess organizational risk and stakeholder expectations.
  • We enable a comprehensive current state assessment.
  • And we prioritize initiatives and build out a right-sized security roadmap.


The roadmap

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

Get up to speed

Read up on why you should build your customized information security strategy. Review our methodology and understand the four ways we can support you.

  • Build an Information Security Strategy – Executive Brief (ppt)
  • Build an Information Security Strategy – Phases 1-4 (ppt)

Assess the security requirements

It all starts with risk appetite, yes, but security is something you want to get right. Determine your organizations' security pressures and business goals, and then determine your security program's goals.

  • Build an Information Security Strategy – Phase 1: Assess Requirements (ppt)
  • Information Security Requirements Gathering Tool (xls)
  • Information Security Pressure Analysis Tool (xls)

Build your gap initiative

Our best-of-breed security framework makes you perform a gap analysis between where you are and where you want to be (your target state). Once you know that, you can define your goals and duties.

  • Build an Information Security Strategy – Phase 2: Assess Gaps (ppt)
  • Information Security Program Gap Analysis Tool (xls)

Know what you will work on first 

Turn the gap analysis into a list of actions. Make executable security initiatives and prioritize them based on cost, effort, security benefit, and business goals.

  • Standardize the Service Desk – Phase 3: Design Request Fulfilment Processes (ppt)
  • Service Definition Checklist (doc)
  • Knowledge Manager (doc)
  • Knowledgebase Article Template (doc)

Plan the implementation of your service desk 

With your design at this level, now it is time to review the performance of your existing IT Service Management (ITSM) tooling and plan to replace it if necessary.

  • Build an Information Security Strategy – Phase 3: Build the Roadmap (ppt)

Let it run and continuously improve. 

Learn to use our methodology to manage security initiatives as you go. Identify the resources you need to execute the evolving strategy successfully.

  • Build an Information Security Strategy – Phase 4: Execute and Maintain (ppt)
  • Information Security Strategy Communication Deck (ppt)
  • Information Security Charter (doc)


Buying options for this content at the bottom when available. Otherwise please contact us.

Client rating


Cost Savings


Days Saved




Let's Talk More Options To Help You

Online Consulting Gert 800px A8f59edf

Tymans Group Guidance & Consulting

Tymans Group guidance and (online) consulting using both established and forward-looking research and field experience in our management domains.

Tymans Group
& Info-Tech

Get both inputs, all of the Info-tech research (with cashback rebate), and Tymans Group's guidance.

Info-Tech Research

Info-Tech offers a vast knowledge body, workshops, and guided implementations. You can buy Info-Tech memberships here at Tymans Group with cashback, reducing your actual outlay.

IT Risk Management · IT Leadership & Strategy implementation · Operational Management · Service Delivery · Organizational Management · Process Improvements · ITIL, CORM, Agile · Cost Control · Business Process Analysis · Technology Development · Project Implementation · International Coordination · In & Outsourcing · Customer Care · Multilingual: Dutch, English, French, German, Japanese · Entrepreneur
Tymans Group is a brand by Gert Taeymans BV
Gert Taeymans bv — Koning Albertstraat 136, 2070 Burcht, Belgium — VAT No: BE0685.974.694 — phone: +32 (0) 468.142.754 — Contact
Copyright 2017-2021 Gert Taeymans BV