This paper looks at how a vulnerability management (VM) process could be designed and implemented within an organization. Articles and studies about VM usually focus mainly on the technology aspects of vulnerability scanning. The goal of this study is to call attention to something that is often...