in order to minimize security threats , e-commerce firms must develop a coherent corporate policy that takes into account the nature of the risk, the information assets that need protecting, and the procedures and technologies required to address the risks , as well as implementation and auditing mechanisms. briefly describe the key steps in developing a security plan?