This standard documents the security requirements for Vulnerability Management within the Company.
The objectives of the document are to:
a. Provide a statement of intent describing how vulnerability management will be implemented in accordance with Information Security and other requirements
b. Describe the security requirements for identifying, analyzing, fixing and monitoring vulnerabilities
c. Identify the roles, systems and equipment to which this standards applies
d. Define the key steps that support the implementation of this standard
Vulnerability management must be applied to all Company systems and infrastructure. Vulnerability management is prioritized on Hardware and Software storing, processing or transferring Company confidential data, and other Hardware or Software deemed necessary through a risk assessment.
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. ACCOUNTABILITIES AND RESPONSIBILITIES
4. OVERVIEW OF THE VULNERABILITY MANAGEMENT PROCESS
4.1 IDENTIFICATION
4.2 ANALYSIS
4.3 FIX
4.4 MONITORING
5. EXCEPTIONS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
Pages: 10
This bundle contains all the products listed in the Operations Management section. Take advantage of the 25% OFF when buying the bundle!
The objective of the Configuration Management Procedure is to ensure the integrity and availability of Company information and to prevent damages from uncontrolled configuration changes to all IT and physical infrastructure services that support Company’s systems.
The objective of the Application Security Standard is to identify the minimum security requirements for applications implemented by the Company, to reduce the risk of security incidents caused by security weaknesses of applications that adversely affect the confidentiality, integrity, and/or availability of Company applications and data.
Review Vulnerability Management Standard.
You must be logged in to post a review.