1. Establishing a risk profile that provides a quantitative analysis of the threats the organization faces. (Risk Assessment)
2. Ensure that IT assets and data assets are accurately accounted for.
3. In order to mitigate risks and vulnerabilities, safety countermeasures need to be justified in terms of their cost.
4. Ensure that IT assets and data assets are accurately accounted for.
5. Identification, prioritization, and documentation of production infrastructure and asset risks, threats, and vulnerabilities.
6. Identifying risks, threats, and vulnerabilities and setting budgets for remediation or defect.7. Investing funds in infrastructure or other business assets to offset potential risk means understanding the return on investment