List four of the nine competencies needed to manage the IT strategic management function that are identified in the EBK.

What will be an ideal response?

---

1. Establish an IT security program to provide security for all systems, networks, and data that support the operations and business/mission needs of the organization
2. Integrate and align IT security, physical security, personnel security, and other security components into a systematic process to ensure that information protection goals and objectives are reached
3. Align IT security priorities with the organization's mission and vision, and communicate the value of IT security within the organization
4. Acquire and manage the necessary resources, including financial resources, to support IT security goals and objectives and reduce overall organizational risk
5. Establish overall enterprise information security architecture (EISA) by aligning business processes, IT software and hardware, local and wide area networks, people, operations, and projects with the organization's overall security strategy
6. Acquire and manage the necessary resources, including financial resources, for instituting security policy elements in the operational environment
7. Establish organizational goals that are in accordance with standards, procedures, directives, policies, regulations, and laws (statutes)
8. Balance the IT security investment portfolio based on EISA considerations and enterprise security priorities
9. Ensure that appropriate changes and improvement actions are implemented as required