420 likes | 431 Views
This article explores the importance of having a strategy in IT and business to achieve goals under uncertain conditions. Topics include risk analysis, strategic analysis, design framework, and effective communication of the strategy.
E N D
Strategy: If you don’t know where you’re going, you’ll never get there Don Welch, Ph.D. CISO
Agenda Introduction Risk Strategy Basics IT and Business Strategy Strategic Analysis Design Framework Communicating the Strategy
Strategy: Definition High level plan to achieve one or more goals under conditions of uncertainty • WikiPedia
Strategy: Definitions A pattern in a stream of decisions • Henry Mintzberg, McGill University
Strategy: Definitions Planning and marshalling resources for their most efficient and effective use • Business Dictionary
Strategy: Definitions Plan to achieve long-term goals Guide for decisions at all levels Efficient and effective resource allocation
Constraints Funding Regulations and Laws Staff Time and Talent Business Overhead Political Capital Accountability Calendar Time
Written Plan One Pager < 10 Pages Full Document
Information Security Strategy Low Moderate High Identify Protect High + (Restricted) Watch Respond Recover