Vulnerability scanning has detected a critical risk in a vital business application. Which of the following should the information security manager do FIRST?
A. Report the business risk to senior management.
B. Confirm the risk with the business owner.
C. Update the risk register.
D. Create an emergency change request.
A. Report the business risk to senior management.
B. Confirm the risk with the business owner.
C. Update the risk register.
D. Create an emergency change request.