“ISO / IEC 27000 Series and NIST” Please respond to the following:

Determine the part of an IT security program that you believe is the most challenging for organizations to implement. Justify your reasoning.
Analyze the business considerations, information assurance, and information systems security considerations that impact the area that you identified as being most challenging to implement. Provide at least two recommendations for IT management to implement to align the information assurance and security considerations with the business goals.