When we do quarterly planning, my team categorizes our goals within four evergreen outcomes:
- Reduce the risk of information security incidents
- Increase trust in Vanta’s information security program
- Reduce the friction caused by information security controls
- Use security expertise to support the business
- In this article, I’m going to focus on number three: reducing friction.
Declaring your intentions#
There is value in making “reducing friction” an explicit goal of your security program. It sets the right tone with your counterparts across the organization, and is one step toward building a positive security culture.