1 on the case the following case study involves the operations of a fictional company named silver star mines and helps us to illustrate the steps following the risk assessment process. this case study has been adapted/expanded from a study done by peter hock in 2003. silver star mines is the local operations of a large global mining company. it has a large it infrastructure used by numerous business areas. given the outcome of the risk assessment for this company, the next stage in the security management process is to identify possible controls. from the information provided during this assessment, clearly a number of possible controls (listed in the lecture slides) are not being used. a comment repeated many times was that many of the systems in use had not been regularly upgraded, and part of the reason for the identified risks was the potential for system compromise using a known but unpatched vulnerability. that clearly suggests that attention needs to be given to controls relating to the regular, systematic maintenance of