This information has been shared freely by Mark E.S. Bernard. If you find it useful please acknowledge this contribution. If you
would like additional information or assistance with the customization and implementation of a balanced risk management
process for your security program then please contact Mark @ 604-349-6557 or firstname.lastname@example.org
Governance Framework Defined
A Vision is broadly defined, clear and compelling statement about the
Enterprise’s purpose for Enterprise Security.
Strategic Objectives are a set of goals that are necessary and sufficient to move
the Enterprise towards its vision for Enterprise Security.
Critical Success Factors (CSF) are a set of outcomes that are necessary to
achieve the strategic objectives for Enterprise Security.
Key Performance Indicators (KPI) are concrete metrics tracked to ensure that
Enterprise Security’s CSF are being achieved.
Key actions and business changes are the initiatives to be delivered in order to
achieve the Enterprise Vision and Strategic Objectives for Enterprise Security.