I recently attended to the 2011 edition of the SSTIC conference (a major security conference in France), where I had a good time and where the slides of Joanna Rutkowska somehow inspired me.
I shamelessly decided to reuse and extend her mind-map style diagram from a system security centric view into something more generic and operational on IT security.
Then, I came with this first version of the diagram:
A the moment it is probably quite incomplete and incoherent on some aspects, but I am quite satisfied of the shape it is taking. I will certainly update it quite often, as soon as I think about something new.
I find it convenient as a memo summarizing goals, steps and tools to achieve security. It may also help clarifying some points during a presentation.
Feel free to use it (as long as you keep the credit to this website). I am waiting for your comments and suggestions on how to improve it.