The content to be inventoried per items 1 to 10 (below) will describe “how things currently are” in one or more of an organization’s existing IM, IT and/or OT systems. 1. Use Case Description 2. Business Value 3. Potential Business Data in Scope / Volume of that Data / Lifespan of that Data 4. Use-case Class (e.g., Data in Transit, Data at Rest, Data in Processing, Digital Signature) 5. Technical and Threat Considerations 6. Types of Cryptography Currently in Use 7. Technical Components (e.g., end-points, networks, databases, file servers) 8. Locations where Cryptographic Information Exists (e.g., DLL, hardware) 9. Technical Dependencies (e.g., details on components within this Use Case that depend or rely on other systems for their own security) 10. Ability to Support (Pre and Post-Quantum) Cryptographic Algorithms Simultaneously After the above information is collected, analyzing it will enable planning “What to do to reduce the quantum risk?” in later project phases (e.g., Quantum Risk Assessment, Quantum Risk Mitigation, Migration to Quantum-safe PQC), including: 11. Best Choice of Algorithm to Use 12. Order or Sequence of what needs to be Upgraded 13. Path To Inline Quantum Remediation 14. Alternate Paths to Quantum Remediation (e.g., upgrade of entire system, change in paradigm)