Sprout base plan includes:

Organize security program

build compliance framework

Security policies & controls creation

Implement program within GRC solutions

Document organizational security procedures

Suggest mechanisms for audits

Test control performance

Suggest risk mitigation tools

Maintain alignment with business goals