Once you have investigated security risks and how to manage risks, make a chart to show all potential risks to the company's information system including from inside or outside the system, to hardware and software, and to the network, level of risk, and possible solutions that could be instituted digitally, physically or through policy.