Vulnerability Analysis and Resolution (VAR)

Measure and control the vulnerability analysis and resolution process against the plan for performing the process and take appropriate corrective action.


Vulnerability Analysis and Resolution (VAR)

Objectively evaluate adherence of the vulnerability analysis and resolution process against its process description, standards, and procedures, and address non-compliance.


Vulnerability Analysis and Resolution (VAR)

Review the activities, status, and results of the vulnerability analysis and resolution process with higher level managers and resolve issues.


Vulnerability Analysis and Resolution (VAR)

Vulnerability analysis and resolution is institutionalized as a defined process.


Vulnerability Analysis and Resolution (VAR)

Level Operations

Establish and maintain the description of a defined vulnerability analysis and resolution process.


Vulnerability Analysis and Resolution (VAR)

Collect vulnerability analysis and resolution work products, measures, measurement results, and improvement information derived from planning and performing the process to support future use and improvement of the organization’s processes and process assets.


Inventory and Control of Hardware Assets

Establish and maintain an accurate, detailed, and up-to-date inventory of all enterprise assets with the potential to store or process data, to include: end-user devices (including portable and mobile), network devices, non-computing/IoT devices, and servers. Ensure the inventory records the network address (if static), hardware address, machine name, enterprise asset owner, department for each asset, and whether the asset has been approved to connect to the network. For mobile end-user devices, MDM type tools can support this process, where appropriate. This inventory includes assets connected to the infrastructure physically, virtually, remotely, and those within cloud environments. Additionally, it includes assets that are regularly connected to the enterprise’s network infrastructure, even if they are not under control of the enterprise. Review and update the inventory of all enterprise assets bi-annually, or more frequently.


Inventory and Control of Hardware Assets

Ensure that a process exists to address unauthorized assets on a weekly basis. The enterprise may choose to remove the asset from the network, deny the asset from connecting remotely to the network, or quarantine the asset.


Inventory and Control of Hardware Assets

Utilize an active discovery tool to identify assets connected to the enterprise’s network. Configure the active discovery tool to execute daily, or more frequently.


Inventory and Control of Hardware Assets

Use DHCP logging on all DHCP servers or Internet Protocol (IP) address management tools to update the enterprise’s asset inventory. Review and use logs to update the enterprise’s asset inventory weekly, or more frequently.

