A simple iterative process is introduced to help guide IT, network, and cyber security teams in the introduction of zero trust access to their enterprise.