# Plan: Establishing your security scope and model
<a name="plan"></a>

Planning is an iterative process as you mature your security model. Key steps in the planning process include:
+ [Understanding the security scope](understanding-the-security-scope.md) – Security scope varies and depends on how the cloud is used.
+ [Choosing a security model](choosing-a-security-model.md) – Identify the best-fitting security model for your security use case.
+ [Creating a business objective model](creating-a-business-objective-model.md) – Define clear goals and mechanisms to measure success.

As you develop your plan, consider the following:
+ Be willing to iterate. Iteration is constant in the cloud. Iteration helps you identify gaps in the plan.
+ Do not start with services. Start with your plan instead of picking out what services you need. This helps drive your organization to its intended outcomes.