Most outsource security companies have not implemented information technology optimally. A company must implement information technology that is oriented to customers and stakeholders to be competitive. Outsourcing security companies need to apply a systematic approach for managing customer-oriented services. In this study, we implemented business relationship management based on Information Technology Infrastructure Library (ITIL) framework to develop a service strategy, especially for an outsourced security company. There are 5 stages of activities carried out, namely identifying stakeholders, defining business outcomes, establishing strategic and funding requirements, defining business cases, and validating business activity patterns. Verification and revision of customer requirement analysis are performed to validate and evaluate the results. The result of implementing business relationship management is the recommendations of four IT services that suits the organization. The four IT service recommendations are websites, CRM services, monitoring services, and ordering services. Business case documents for each service have been created to identify business impacts and risks.