There was a security breach at the Office of Personnel Management and the information assurance manager was asked to assess the vulnerabilities. The manager reviewed an OPM report which found that hackers gained access through compromised credentials. Had OPM followed previous audit reports and security findings, the breach could have been prevented. Implementing encryption and regular system scans may also have helped prevent and detect the breach. The manager was tasked with creating a Security Assessment Report and Risk Assessment Report identifying threats, vulnerabilities, risks, and recommended remediation.