Patching and Vulnerability Management Policy and Procedures
Provide your Vulnerability Management and Patch Management Policies.
Ensure that the policies include:
How often you perform vulnerability scans
What types of vulnerability scans you perform
How you apply patches
Timelines for remediating vulnerabilities based on their criticality
A requirement that your policy be reviewed annually
Associated Unified Control ID | Associated Framework Control |
CTRL-652 | REQ-42, REQ-44, REQ-45 , REQ-43, REQ-46, REQ-47 |