This paper describes an integrative approach for teaching information systems (IS) security issues within an IS strategy and policy course. The educational strategy is to get students involved in thinking critically about information systems (IS) security issues in an executive role. The educational goal is for students to develop an information systems plan, thinking about security issues early—that is, while information systems are in the planning stage—and in concert with the all-too-often compartmentalized topic of ethics. The result is a strategic security planning module. The educational approach is described and outcomes mapped to a pair of accepted information security education standards.