What is the final step in assessing the risk of network intrusion from an internal or external source?