Part of the IT organization thinks that locking down the workstations is critical at this point, while a different group thinks that securing the network and servers should be considered a top priority.
Explain why you feel that having both teams continuously discussing and working separately would not be the ideal solution.
What is your understanding of risk assessment?
How do you think a risk assessment might be able to resolve this conflict?
What is your understanding of risk assessment?