Recommendations

Recommendations should be clearly stated. This section is the most important part of the document. Your recommendations should be derived logically from the analysis of the data and be verifiable. Just remember that no organization will ever be 100% risk free. There is always the need to balance the cost of protection against the level of risk. If it is too costly or impractical to remove a vulnerability, you should say so, but include other recommendations or courses of action.

Категории