During a security assessment, an information security manager finds a number of security patches were not installed on a server hosting a critical business application. The application owner did not approve the patch installation to avoid interrupting the application. Which of the
following should be the information security manager's FIRST course of action?
Currently there are no comments in this discussion, be the first to comment!