Page 130 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
Declassification is required once an asset no longer warrants the
protection of its currently assigned classification or sensitivity level.

Know the basics of COBIT. Control Objectives for Information and
Related Technologies (COBIT) is a security concept infrastructure
used to organize the complex security solutions of companies.

Know the basics of threat modeling. Threat modeling is the
security process where potential threats are identified, categorized,
and analyzed. Threat modeling can be performed as a proactive
measure during design and development or as a reactive measure once
a product has been deployed. Key concepts include
assets/attackers/software, STRIDE, PASTA, Trike, VAST,
diagramming, reduction/decomposing, and DREAD.

Understand the need to apply risk-based management
concepts to the supply chain. Applying risk-based management
concepts to the supply chain is a means to ensure a more robust and
successful security strategy in organizations of all sizes. When
purchases and acquisitions are made without security considerations,
the risks inherent in those products remain throughout their
deployment life span.

