Discussion
1) Risk in the context of security is the possibility of something bad happening, and the results of the damage if it occurs. Discuss the purpose and benefits of establishing a formal Information Risk Management (IRM) process.
2) Discuss the importance of Due Diligence and Due Care and how they relate to information systems security. Under what conditions could there be Due Diligence without Due Care?
The response should include a reference list. Double-space, using Times New Roman 12 pnt font, one-inch margins, and APA style of writing and citations.