Why do networking components need more examination from an InfoSec perspective than from a systems development perspective?
What value would an automated asset inventory system have for the risk identification process?
Which information attributes are seldom or never applied to software elements?