Strategy and Strategic Planning Strategy Strategic planning and
- Slides: 26
Strategy and Strategic Planning: Strategy, Strategic planning and security strategy, the information security lifecycle and Architecting the enterprise by Erlan Bakiev, Ph. D.
The Role of Planning Precursors to Planning Values Statement Vision Statement Mission Statement Strategic Planning Creating a Strategic Planning Levels Planning and the CISO(Chief Info Security Officer) Planning for Information Security Implementation
Identify the roles in organizations that are active in the planning process Grasp the principal components of information security system implementation planning in the organizational planning scheme.
Planning Influences Employees Management Stockholders Outside stakeholders Physical environment Political and legal environment Competitive environment Technological environment
Information Security Professionals that support the information security program Chief Information Officer (CIO) Chief Information Security Office (CISO) Security Managers Security Technicians Data Owners Data Custodians 6 Data Users Slide 6
Planning Definition Planning is creating action steps toward goals and then controlling them Provides direction for the organization’s future Allows managing resources Optimizes the use of the resources Coordinates the effort of independent organizational units 7
Precursors to Planning Values Statement Vision Statement Mission Statement 8
Values Statement Principles Qualities Benchmarks What your company is? Microsoft: Integrity, honesty, passion, and respectfulness are significant parts of Microsoft’s corporate philosophy 9
Vision Statement Ambitious Best-case scenario Future goals Where your company wants to be? Microsoft: A personal computer in every home running Microsoftware 10
Mission Statement Organization’s business Areas of operation Internal External How your company is going to get there? Google: Organize the world's information and make it universally accessible and useful. 11
Strategic Planning Strategy lays out the long-term direction to be taken by organization It guides organizational efforts, and focuses resources toward specific, clearly defined goals. Strategic planning includes Mission statement Vision statement Values statement 12 Coordinated plans for sub units
Creating a Strategic Plan Organization Develops a general strategy Creates specific strategic plans for major divisions Each level of translates those objectives into more specific objectives for the level below 13
Top-Down Strategic Planning 14
Creating a Strategic Plan Strategic goals are translated into tasks Specific Measurable Achievable Realistic Timely 15
Planning Levels Strategic Planning Five or more year focus Strategic plan separated into strategic goals for each department Tactical Planning One to three year focus Breaks strategic goals into a series of incremental objectives 16
Planning Levels Operational Planning Organize the ongoing, day-to-day performance of tasks Includes clearly identified coordination activities across department boundaries Communications requirements Weekly meetings Summaries Progress reports 17
Planning Levels 18
Strategic Plan Elements Introduction by senior executive Executive Summary Mission Statement and Vision Statement Organizational Profile and History Strategic Issues and Core Values Program Goals and Objectives Management/Operations Goals and Objectives Appendices (optional) Strengths, weaknesses, opportunities and threats (SWOT) analyses, surveys, budgets 19&etc
10 Tips For Strategic Planning 1. 2. 3. 4. Create a compelling vision statement Embrace the use of balanced scorecard approach Deploy a draft high level plan early, and get input from stakeholders Make the evolving plan visible 20
10 Tips For Planning (cont. ) 5. 6. 7. 8. 9. 10. Make the process invigorating for everyone Be persistent Make the process continuous Provide meaning Be yourself Have fun 21
Planning For Info. Sec Implementation Commonly the CISO directly reports to the CIO. The CIO and CISO play important roles in translating overall strategic planning into tactical and operational information security plans CISO plays a more active role planning the details 22
CISO Job Description Creates strategic information security plan with a vision for the future of information security Understands fundamental business activities performed by the company Suggests appropriate information security solutions that uniquely protect these activities Improves status of information security by developing action plans schedules budgets status reports top management communications 23
Planning for Information Security CIO: translates strategic plan into departmental and Info. Sec objectives CISO: translates Info. Sec objectives into tactical and operational objectives Implementation can now begin Implementation of information security can be accomplished in two ways Bottom-up Top-down 24
Bottom-Up Approach Grass-roots effort Individual administrators try to improve security No coordinated planning from upper management No coordination between departments Unpredictable funding 25
Top-Down Approach Strong upper management support A dedicated champion Assured funding Clear planning and implementation process Ability to influence organizational culture 26
- Strategic planning vs tactical planning
- Strategic complement
- Strategic competitiveness
- Analysing the 6 strategic options megxit
- Strategic fit vs strategic intent
- The strategy making strategy executing process
- Functional strategy and strategic choice
- Entry strategy and strategic alliances
- Functional strategy and strategic choice
- Market entry modes for international businesses chapter 7
- Entry strategy and strategic alliances
- Functional strategy and strategic choice
- Subjective factors in strategic choice
- Hypercompetition
- Explain company wide strategic planning
- Strategic and operational planning in healthcare
- Retail strategic planning and operations management
- Strategic and operational planning
- Peranan peramalan
- Performance management and strategic planning
- Strategic capacity planning for products and services
- Why planning is important
- Developing capacity strategies
- Strategic capacity planning for products and services
- Strategic capacity planning for products and services
- What is corporate strategy in strategic management
- Parenting strategy in strategic management