Describe potential risks to the information and the related vulnerabilities within the organization.
Identify the forces that drive each threat and the related vulnerabilities.
Discuss how the values for threat and vulnerability combine to indicate the overall risk the organization faces.
Describe how an organization can properly manage its information security efforts using proper risk management techniques and cost-benefit analyses for these information security efforts.
Explain the legal, ethical, and regulatory requirements for protecting data.