What are the three primary aspects of information security risk management? Why is each important? What are the critical considerations when dismissing an employee? Do these change according to whether the departure is friendly or hostile, or according to which position the employee is departing from? List and describe the options available for the location of the information security functions within the organization. Discuss the advantages and disadvantages of each option.