To eliminate all potential risks

To prioritise risks based on their impact and likelihood

To document all security policies

To ensure compliance with international standards

A firewall

A hacker attempting to breach a system

An antivirus software

A secure password

Defining user roles and responsibilities

Installing the latest software updates

Conducting regular hardware maintenance

Increasing internet bandwidth

The cost of implementing a security measure

The potential damage caused by a risk

The number of users affected by a risk

The time taken to recover from a risk

Identifying potential threats

Evaluating the effectiveness of current controls

Developing a marketing strategy

Assessing the likelihood of risk occurrence

To increase the speed of internet connections

To protect information assets from threats

To reduce the cost of IT infrastructure

To enhance user interface design

A risk that can be ignored

A risk that requires immediate attention

A risk that is unlikely to occur

A risk that has minimal consequences