In line with its risk management program, an organization might decide to host unsupported applications on its supported or unsupported operating systems. In this post, I describe how organizations should upgrade, replace, or retire unsupported software assets, including operating systems.
Having a managed software asset inventory helps an organization ensure that its software is identified, authorized, managed, or retired before it can be exploited. In this post, I describe why your organization should establish a software inventory to manage its software.
Risk tolerance--the amount of risk an organization is willing to accept--should be part of your organization's comprehensive risk management program. In this post, I describe how your organization can define its risk tolerance.