Conduct workshops for an information security strategy based on existing documentation and concepts. Subsequent drafting of the information security strategy