At MBU risk assessment framework starts and ends with our client's people. Produced data does not flows through the wire. It is a safe environment to discuss ideas and opportunities in today connected world. Secure by design policy and off-line by default mode are natural terms for MBU's account managers.
In some risk assessment frameworks, the assessment is completed once a risk rating is provided; however, since NIST SP800-30 is a risk management framework, it takes into account the remediation and mitigation aspect in its overall process and it’s worth remembering that control recommendations are part of the risk assessment report.