Appendix D. Dealing with Consultants and Outside Vendors
After the decision has been made to conduct an internal risk and vulnerability assessment, deciding how to proceed and whether to conduct the risk and vulnerability assessment with internal resources or external resources is the next decision. Conducting a risk and vulnerability assessment with internal resources can be done by organizations that have the resources and skills needed to conduct an objective risk and vulnerability assessment. Using internal employees to conduct an internal risk and vulnerability assessment may result in prejudice and a nonobjective perspective when it comes to assessing and recommending specific remedies or courses of action to mitigate or remediate known ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
