The pressing need to increase the speed of vulnerability mitigation, coupled with pressure to meet new regulatory requirements, is driving the convergence of vulnerability management and IT security management functions. Vulnerability assessment tools, and security audit and policy compliance tools, require asset classification data to enable business-oriented risk reporting and analysis of vulnerabilities, and to drive mitigation workflow. The goal of vulnerability assessment processes and technology is to implement and maintain system configurations to create more-secure environments. The security impact of the technology is determined by the ability to change the environment.”]