Provides authoritative advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. This includes advice on the application and operation of all types of security controls, including legislative or regulatory requirements such as data protection/GDPR and software copyright law.