There are several steps in Information Risks planning.  How can you utilize these steps to create a “Security Data Policy for employees storing personal data on their work computers.” Describe how you will use each step. Will you need to use all the steps, if not what steps would be eliminated and why?