ABSTRACT
The key to successful budgeting is establishing a direct alignment between the information security budget and business strategies. Team members with experience in project management may assume leadership roles in the budgeting process because of their experience in managing project budgets. This group may mentor other information security team members in budget basics. The budgeting process lets the organization lay down priorities, recommit to its mission, and distribute resources where they can be used most effectively, and tracks performance against spending targets. Zero-based budgeting is an alternative approach to budget planning that turns traditional budgeting methodology on its head. Some organizations use a hybrid approach to the budgeting process that incorporates some of the benefits of both the traditional and zero-based budgeting, while limiting the disadvantages associated with both methods. Probably the number one question among chief information security officers in regard to budgeting involves the most effective way to request an increase in the information security budget.
