Problem
1. List and briefly define the elements from the implementation follow-up phase of IT security management.
2. What is the relation between change and configuration management as a general systems administration process, and an organization's IT security risk management process?