Activity
Evaluate possible IT actions
Evaluate possible risk responses ICS ERM
Organisation
Responsible
IT Expert
Accountable
Risk Manager
Input/Output
Input data
Action plan
Output data
Action plan