Vulnerabilities often arise from a failure to openly communicate, fully understand and appropriately resource enterprise risk. In this three-part guest article series, Alston & Bird attorneys Kimberly Peretti, Amy Mushahwar and Jon Knight identify challenges and offer practical solutions to address the increased legal risk of vulnerability management. This final article of the series provides detailed questions that legal and technical teams should consider, and a glossary of shared terminology they can use, to better manage the technical obstacles facing their organizations. Part one highlighted several recent legal matters that addressed the adequacy of the companies’ vulnerability management programs, and included practical takeaways for legal and risk professionals. Part two explored the risks of external scanning and third-party scanning tools, and the ways they may be used by unauthorized or unsolicited third parties to identify vulnerabilities. See “When and How Legal and Information Security Should Engage on Cyber Strategy: Assessments and Incident Response (Part Two of Three)” (Apr. 11, 2018).