Microsoft The most important part of deployment is planning. It is not possible to plan for security, however, until a full risk assessment has been performed. Security planning involves developing security policies and implementing controls to prevent computer risks from becoming reality. The policies outlined in this paper are merely guidelines. Each organization is different and will need to plan and create policies based upon its individual security goals and needs. The discussion of tools and technologies in this paper is focused on features rather than technology. This emphasis allows security officials and IT managers to choose which tools and techniques are best suited to their organizations' security needs.