STARTegy: A Strategy for Getting Started with Information Security

A unique combination of your knowledge of your business, and our knowledge of information security controls and how they work together.

Step 1: Understand what data and information you have that should be or needs to be protected.
Step 2: Identify the controls and processes that you have in place to protect your information and other controls and processes that you should have.
Step 3: Educate your employees and raise their awareness about security risks and explain the controls you have.
Step 4: Monitor your control processes periodically to ensure that they are working.

Where are you on the path to information security?

Find out with our Information Security Baseline Review:

  • A unique learning and planning process.
  • Based on ISO 27002, an international standard
  • Delivers a starting point for addressing information security risks

For more information, contact William M. Prohn CISSP, CISA, CGEIT, CRISC at