With what said, the question is how can you improve your security management?
In the legendary words of Spinal Tap, "Where can you go from there? What do you do if you need that extra push over the cliff? You put it up to eleven."
Indeed. Let's work on ramping up your security plan to an 11. There's always room for improvement.
How can you do this? The answer is by having an outside security consultant audit your plan, procedures, and policies on a regular basis. This may mean an annual audit, or it may mean an audit once every 3 years or every 5 years. Whatever your budget and schedule calls for, make a plan to have your program assessed on a consistent timetable.
Familiarity breeds complacency. Complacency breeds risk. Even if your security plan is A+ 10 out of 10, failing to evaluate the program regularly will lead to complacency, and eventually risk will creep back in.
Pat yourself on the back for a job well done with solid security management, and then turn it up to 11 and have someone audit you.