The document discusses the need for information security in organizations. It states that the primary mission of an information security program is to ensure information assets remain safe and useful. It then outlines four important functions of information security for organizations: protecting the organization's ability to function, protecting the data and information it collects and uses, enabling the safe operation of applications, and safeguarding technology assets. Finally, it emphasizes that implementing information security is as much about management as it is about technology.