What are the organization's assets? If there exist any access controls in place? Explain how effective are they? How may you tell? Explain the weaknesses in the controls? Specify whether there exist any new or upgraded access controls being considered? Let us explore this substantial component of the information security.