1. When organizations are implementing security policies, what business considerations must they take into account and why is this important?

2. When implementing policies and standards, building consensus amongst organizational stakeholders is important. Why is intent vs. need an important consideration?

3. Implementing security policies in an organization requires separation of duties when it comes to the IT staff. What does this concept mean and how do organizations ensure they are compliant?

4. Pick two best practices for User Domain Policies and explain what they are and provide examples of what could go wrong in an organization if these best practices are not followed.