To comply with regulations

To increase profits

To identify, assess, and control risks

To eliminate all risks

Risk Elimination

Risk Identification

Risk Mitigation/Control

Risk Assessment

A financial budget for risk management

A list of all potential risks

A method to eliminate risks

A structured approach for managing risks

The amount of risk an organization is willing to accept

The total number of risks identified

The process of assessing risks

The tools used to mitigate risks

Risk Monitoring

Risk Mitigation

Risk Identification

Risk Assessment

External threats to information assets

Weaknesses that can be exploited by threats

The financial impact of risks

The total number of risks identified

To eliminate all vulnerabilities

To create a budget for risk management

To combine and analyze assets, threats, and vulnerabilities

To list all employees