Write a 250 to 500 word-long discussion post addressing the way risk management affects the way an organization implements an Information Security program.