http://blogs.technet.com/regcomp/archive/2008/09/20/risk-management.aspxWithin the Solution Accelerators library, many nuggets get overlooked. One of these nuggets is the Security Risk Management Guide . If your interested in a good simple to follow guide that can help you negotiate the issues around a Qualitative, or Quantitativeen-USCommunityServer 2.1 SP1 (Build: 61025.2)