This is in continuation of
https://www.googlinux.com/understanding-the-risk-management-process/
Considering Vulnerabilities, Threats, and Risks
* Confidentiality, Integrity, and Availability (CIA) factors span the risk
management assessments of vulnerabilities, threats, and risks.
* Assets can be categorized as data, systems, facilities, and people.
Concerning information assets, the enterprise should consider vulnerabilities,
threats,