How Do We Prioritize Infrastructure?

I'd love to maybe get a grip on how you guys think about priortization, because it seems like that would be the key to sort of everything that you're doing. How do we look at risk from a three legged stool? So i think we spent a lot of time talking about risk identification and risk mitigation. We forget that third leg, which is every risk we identify and we don't mitigate were accepting,. And so how do we understand that landscape of risk? How do we use that to drive our priorization? Then how do we do this across 16 cristo sectors that are in various levels of maturity?