The University of SydneyPage 7Classes of Security Decisions Strategic Administrative Operational Key decisions Setting security objectives and goals Resource allocation for security strategy Infrastructure expansion strategy Research and development for future operations Organizational: Structure of information flows; Authority and responsibility structures Structure of resource conversions: Establishing high integrity business processes Resource acquisition: Financing security operations; return on security investments; facility management Identifying operating objectives and goals Costing security initiatives Operational control strategies Policies and operating procedures for various functions Key characteristic Decisions generally centralized Generally partial ignorance of actual operations and challenges Non repetitive decisions Balancing conflicting demands of strategy and operations Conflicts between individual and group objectives Decisions generally triggered by strategic or operating problems Decentralized decisions Known risks Repetitive problems and decisions Suboptimization because of inherent complexity –These are not mutually exclusive. All are interwoven !