Currently, how are you assuring your customers, your stakeholders, and yourself that you are properly securing your vital assets? (Assurance environment)
Organizations in all industries are increasingly required to demonstrate compliance with various security frameworks. Would that also apply to you? If your competitor can prove compliance but you cannot, will you lose the prospective client? (Contract requirements)
Certainly, are you able to demonstrate monitoring of your risks and security controls? (Monitoring)
Today, how are you monitoring the compliance of your supply chain to ensure they are protecting the integrity and continuity of your business? (Vendor Management)
From a 90,000-foot view, how are you planning on pulling that all together? (Initiatives) What do you feel your alternatives are here?