Identify the risk exposure for each of these two organizations. Compare and contrast these risks.
List the risks (of the information being lost, corrupted, stolen, etc.) by different methods.
Identify the impact of not adequately protecting this information (consequences and costs).