Watch this video on YouTube
After identifying potential security vulnerabilities, what should be the next step for the IS auditor?