Rule 6.6.7010 - ASSESS RISK(1) The licensee: (a) identifies reasonable foreseeable internal or external threats that could result in unauthorized disclosure, misuse, alteration or destruction of an individual's personal information or a licensee's information systems;(b) assesses the likelihood and potential damage of these threats, taking into consideration the sensitivity of the personal information involved; and(c) assesses the sufficiency of policies, procedures, information systems and other safeguards in place to control risks.NEW, 2005 MAR p. 426, Eff. 4/1/05.33-19-106, MCA, IMP, 33-19-102 and 33-19-306, MCA;