To help with some of those situations, we do more of a qualitative risk assessment where it’s not really dollar figures, it’s really people’s opinions of how badly a particular problem might be for us. so we need to think about and interview people to get their perspective of the significance. If we lost the mail server, how would that impact you and your part of the organization? We obviously don’t have dollar figures we can associate with this, but some people will do a traffic light grid or some other method to be able to view this so here’s a good example of looking at the risk factor, the impact of the organization, the annualized rate of occurrence, the cost of having controls in place, and what you might think of an overall risk. and in this case, it’s a red, a yellow and a green that’s here, much like a traffic light. So you can understand having an untrained staff might have very little impact. It might have maybe a yellow, kind of a mid-range annualized rate of occurrence. and the cost of controls for that, not very expensive, your overall risk probably in the yellow range. so you could take multiple risk factors and at least put them on a high level view, so you can get a better understanding of what the risk might be.