Deterrent Preventive Detective Corrective Recovery Compensating Administrative BYOD policy and regulations Asking the employees to bring their own devices Blocking certain websites Having right firewalls a d privacy network security to identify the threats Review of incidental reports File data logs System automatic failover should be implemented as they have not used in the system Implement a disaster recovery plan Due care, Due diligence should be implemented in their policies Technical Physical Vicarious Liability Lack of due care example • Project initiative have to be postponed due to their lack of monitoring and cope with the demands of the project Bringing the own device (Risk