Senior Leadership’s determination to integrate an Information security management system within the organization’s business management processes is a business decision and one that is rooted in the real and perceived value of its intellectual property, business information, and technology infrastructure assets. Once the decision to implement an Information security management system (ISMS) is made, Leadership shall establish a steering committee and provide project resources for a multi-disciplinary team, tasked with the implementation of information security (IS) management system controls intended to manage and protect the organizations IS and Information Technology (IT) (business) assets.