During this discussion, talk about and examine the process(es) of collecting information security measures, how often do they need to be collected, what are the downsides of collecting and reporting the measures too frequently or too seldom