Manage IT security at the highest appropriate organizational level, so the management of security actions is in line with business requirements.