This IDC study provides a framework for successfully implementing a data security program. To that end, enterprises should adopt a formal approach toward identifying and assessing the risks to corporate data assets. By taking a systematic approach, enterprises can support their risk assessment process and identify key vulnerable areas that increase the possibility of data loss or theft and may require additional attention.