For my Security Risk Managment Lab 6 Question 11.) In your Lab Report file, create a detailed IT risk-mitigation plan outline by inserting appropriate subtopics and sub-bullets. I want to make sure I answered correctly or if I am missing anything? Please see my answer right below:

Risk mitigation involves two steps:

Identifying the various activities, or steps, to reduce the probability and/or impact of an adverse risk.

Creation of a Contingency Plan to deal with the risk should it occur.

Taking early steps to reduce the probability of an adverse risk occurring may be more effective

and less costly than repairing the damage after a risk has occurred. However, some risk

mitigation options may simply be too costly in time or money to consider.

Mitigation activities should be documented in the Risk Register and reviewed on a regular basis.

They include:

Identification of potential failure points for each risk mitigation solution.

For each failure point, document the event that would raise a flag indicating that the event or factor has occurred or reached a critical condition.

For each failure point, provide alternatives for correcting the failure.