It is important that a company’s security goals be aligned with its business objectives. To do this, a company can share its key business strategy or develop organizational goals and then require that every department set performance management goals that align with the key business strategy. A security team is influenced by both internal and external trends. A security team identifies gaps and develops security solutions. The team also observes external security trends, technological changes, and growing threats and attempts to develop measures to protect company data and systems. At the same time, individual members of the security team develop performance goals. Security planning at all levels benefits from alignment of goals to support business objectives.
• Why is it important that security be aligned with organizational objectives and not just IT objectives? List three examples of business projects that a security team should be aware of and plan for and explain how this is beneficial.
• How does security benefit the business? How is security planning improved by working more closely with the business and by “speaking the language of business”?
• Why should individual performance goals within the security team be aligned with organizational objectives? How should the security manager ask team members to set goals? What should he or she do to put the organizational objectives in the context of security goals and priorities?