Security and risk management professionals need to create a structured way of involving the business in the information risk management process. This presentation provides some basic tools for the business to provide input into the risk assessment process through a series of structured questions and answers that can help identify the biggest information risks to your organization.