50 Vulnerability ManageMent
ese participants are not directly involved in performing vulnerabil-
ity assessments but the process cannot proceed without their help.
en, there is the operational role. ese participants are direct actors
in the day-to-day operation of the VM technology. ey perform the
scans, assess the vulnerabilities, and make sure that the priorities are
raised to the right constituencies. ey also assure that the VM tech-
nology continues to function optimally in a dynamic environment.
Some of the key groups involved in the VM process are asset own-
ers, Security, Human Resources, IT, vulnerability managers, incident
managers, change management, and compliance management. Each
of these roles is either directly involved in ...