A description of typical assets
A discussion about the current risks in the organization with no network segregation to each of the assets A discussion about specific risks that the new consultant network will create
Details on how you will test for risk and conduct a security assessment A discussion on risk mitigation