The contextual step was more of a broad list of objectives for the security architecture. Translating these high-level business requirements into IT objectives can be a daunting task for anybody! Involving the IT department in this step will, hopefully, bring them on-board with the development of overall security architecture. Depending on the situation and the complexity of the organization, this list can become quite long, but this step is the foundation for us to begin the development of the security attributes we need for the conceptual layer of the SABSA model. The component layer is where we will begin to put the concrete technologies into our security architecture. The physical layer is where we add in the various security services that we need in our security architecture. Azure is a massive platform, with an almost infinite number of options and that is without even looking at the 3rd part options that can be used within Azure.