🔥 3-day streak
ISACA CISM — Certified Information Security Manager87 / 121
Question 87 of 121
A security manager identifies a critical vulnerability in a customer-facing application. The permanent fix requires a vendor patch that will not be available for four months, and the residual risk during that period exceeds the organization's risk appetite. Which action should the security manager take FIRST?
Reviewed for accuracy · Report an issueNext question