Watch this video on YouTube
After having ad hoc information security processes, what should be the organization's next step to improve their performance level?