The application owner did not approve the patch installation to avoid interrupting the application. Which of the following should be the information security manager’s FIRST course of action? - InfraExam 2023

The application owner did not approve the patch installation to avoid interrupting the application. Which of the following should be the information security manager’s FIRST course of action?

Post author:InfraExam
Post published:December 21, 2021
Post category:Uncategorized
Post comments:0 Comments
Post last modified:December 21, 2021
Reading time:1 mins read

Last Updated on December 21, 2021 by InfraExam

CISM : Part 1 - 40
CISA : Part 41 - 80

During a security assessment, an information security manager finds a number of security patches were not installed on a server hosting a critical business application. The application owner did not approve the patch installation to avoid interrupting the application.

Which of the following should be the information security manager’s FIRST course of action?

Escalate the risk to senior management.
Communicate the potential impact to the application owner.
Report the risk to the information security steering committee.
Determine mitigation options with IT management.

CISM : Part 1 - 40
CISA : Part 41 - 80

0 0 votes

Article Rating

Subscribe

0 Comments

Inline Feedbacks

View all comments

0

Would love your thoughts, please comment.x

()