ABSTRACT
Overview You spent a great deal of time and energy building the customized factory that is your information security program. Now it’s time to start delivering the product. The execution phase of the methodology is the process of delivering the projects from the security project portfolio; this is the tangible representation of your program. To accomplish this task we will focus on four major concepts:
1. Project execution 2. Incorporating security into projects 3. Vendor evaluation/selection 4. Preparing the marketing material to publicize the program accom-
plishments
In Chapter 3, Design, we concentrated heavily on creating a security project portfolio based on the requirements of the business. We then prioritized them by performing a risk assessment.
