24By7 Security Security Strategic Plan is a Virtual Chief Information Security Officer (VCISO) service that develops comprehensive security strategic plans for organizations. The service creates three-year security roadmaps with tactical initiatives phased over 90 days, 12 months, 24 months, and up to 36 months. The service begins with a security strategic review that examines the organization's current security program, including review of recent security risk assessments, interviews with personnel, and evaluation of security documentation and IT systems. If no recent assessment exists, the VCISO directs a security risk assessment to establish a baseline. The resulting security strategic plan provides recommendations and target dates for strategic and tactical initiatives designed to strengthen information security. The plan includes guidance for developing personnel, processes, procedures, and technology upgrades needed for implementation over the three-year timeframe. The service also delivers recommendations for staffing, resources, and budgetary requirements to support the strategic plan, along with timeline and milestone recommendations and tactical priorities for execution. The VCISO operates as an executive-level security strategist working on behalf of the organization to deliver the security strategic plan at a pre-agreed cost.