You've learned about the organisation, you've taken steps to build awareness and trust with the staff, and you've created a plan with the organisation's input. Now it's time to implement the tools, practices and policies that will make the organization more secure.