AbstractInternal versus external customersHuman resourcesLegalAuditEngineering/R&DITExternal customersCustomer objectivesService level agreementsBuild and document your use casesUse case: unauthorized modification of user accountsStakeholders: compliance and audit departmentsUse case: disabled user account reactivatedStakeholders: HR and ITUse case: any IDS event that scores over a severity of 7Use case: AV failureStakeholders: desktop support team, IT server management teamsUse case: security device outageStakeholders: security and ITUse case rule summaryUse case: top vulnerabilities detected in the networkStakeholders: security, IT, audit, and managementUse case reporting summaryExpectations