Posted: Wed Apr 10, 2013 12:00 am Post subject: Security vulnerability
It's been a while since I was on the site having been working in a non-process role the last few years. Now I'm back in the ITIL world and working to develop the Transition and Operational processes. This company is in many respects different from any other I have worked with before. Public sector and Swedish as the business language are two big differences.
Anyway on to my issue. The business information security department run an analysis on the providers network every so often and discover vulnerabilities in the infrastructure. An example may be that we are not running the latest firmware software on our servers. This would involve a rollout across the network through the Release and Deployment processes and the work done by the architecture group. My question is what would be the correct routine for processing these vulnerabilities?
One option we have discussed is contact to the SD resulting in a problem record to problem management. Problem management would then be responsible for ensuring that the issue is resolved.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum