I hope you have time to just fill in the blanks here, we did a risk assessment on mobile devices specific, we were 4 people from different departments initiating this workshop to identify the risks for mobile devices.
I get the feeling the assessment report is made for all of the assessments we are doing or like in our case we do it on several type of areas, like mobile devices.
We identified four risks, we had 1 with the value 3 but we still accepted that risk and no other change was made in the appendix 2, in other words, we did not lower the risk value in this case.
And to complete this risk we need to document this in 3 different files, Appendix 1, 2 and 3 (final report).
Can you help me figure out this last part?