To increase the number of vulnerabilities

To track assessments over time and find patterns

To reduce the number of employees

To increase the organization's revenue

A list of employees

A description of all vulnerabilities found for assets in scope

The organization's annual budget

A list of competitors

A detailed explanation of how a threat could leverage a vulnerability

A list of all employees' birthdays

A summary of the company's history

A list of all company assets

The company's stock prices

The risk posed by each vulnerability/threat

The number of employees

The company's marketing strategies

Avoid

Transfer

Mitigate

Ignore

Increase the risk

Stop the risk from occurring

Transfer the risk to another party

Accept the risk as it is

By ignoring it

By avoiding, transferring, mitigating, or accepting it

By increasing the risk

By documenting it only