Depending on the size of the organization (small, medium, large) you are asked to assist in developing a security program.
Reflect on the current roles and titles of the security personnel and make suggestions of improvements.
Provide a plan to make these changes incorporating training requirements.
Determine if the organization uses any ISO security standards and provide reasoning which security model would be more suitable.
Determine the suitability of certification.
Justify by using threat identification and provide risk assessment for this organization