Keeping systems secure across thousands of software developers and hundreds of projects all running at full speed is a constant challenge. Morgan Stanley addresses this problem with two cooperating teams: Security Architecture and Security Blueprints. SecArch helps internal software teams comply with policy and secure their software designs, while security specialists from SecBlue work with technology experts to produce reusable blueprints and guidance. The process identifies and tracks risks and captures lessons for the future. We show the process, the results, and some of our dashboards that give executive management a view into the process, its output, and its impact.