This document provides guidance on how to prepare for security risks in an organization. It covers topics such as evaluating security risks, identifying acceptable and unacceptable risks, and developing action plans to mitigate them. The document also emphasizes the importance of prioritizing high priority risks and implementing appropriate controls. It is suitable for individuals or organizations looking to enhance their security risk management practices.