Introduction The purpose of a Risk Assessment is to identify threats and vulnerabilities and develop a plan to mitigate the risks identified within the assessment. Like all processes, we can make it easy or extremely complicated and difficult. Planning is the key. C-I-A Triad The C-I-A triad consists of three elements: Confidentiality, Integrity and Availability