Reference no: EM132232240
Question: Senior Management
• Ultimately responsible for all organizational risk, including information technology (IT) risk
• Develops strategic initiatives associated with risk and risk assessment
• Ensures necessary resources are applied effectively
• Assigns and manages vulnerability assessment responsibilities throughout the organization
• Assesses and incorporates results of vulnerability and risk assessment into decision making
IT Management
• Supports the institution's information systems
• Responsible for planning, budgeting, and performance of information systems security
• Works with all other individuals and organizations to ensure vulnerability assessment is properly implemented
• Adheres to vulnerability and risk assessment plan
Functional Management and Employees
• Be consulted during the vulnerability assessment
• Alert IT of perceived vulnerabilities
• Report changes in the workplace
Contractors/Vendors
• Be consulted during the vulnerability assessment
• Provide valuable information on systems and applications
• Participate in vulnerability assessment activities as necessary