Many CISOs and security managers want to take a more strategic approach to security, but don¿t have the time or the resources to put together a framework and the necessary tools to map out what their security program looks like and where they should invest their budgets. Working with a number of CISOs, Forrester has developed a set of tools that organizations can use to create a security architecture reflecting their business. These tools are meant as a starting point; organizations should modify them to suit their own needs according to their particular business requirements.