Filter

Supply Chain Management and Transparency and Accountability (STA)

Periodically review the organization's supply chain partners' IT governance policies and procedures.


Login

Supply Chain Management and Transparency and Accountability (STA)

Define and implement a process for conducting security assessments periodically for all organizations within the supply chain.


Login

Threat and Vulnerability Management (TVM)

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures to identify, report and prioritize the remediation of vulnerabilities, in order to protect systems against vulnerability exploitation. Review and update the policies and procedures at least annually.


Login

Threat and Vulnerability Management (TVM)

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures to protect against malware on managed assets. Review and update the policies and procedures at least annually.


Login

Threat and Vulnerability Management (TVM)

Define, implement and evaluate processes, procedures and technical measures to enable both scheduled and emergency responses to vulnerability identifications, based on the identified risk.


Login

Threat and Vulnerability Management (TVM)

Level N/A

Define, implement and evaluate processes, procedures and technical measures to update detection tools, threat signatures, and indicators of compromise on a weekly, or more frequent basis.


Login

Threat and Vulnerability Management (TVM)

Define, implement and evaluate processes, procedures and technical measures to identify updates for applications which use third party or open source libraries according to the organization's vulnerability management policy.


Login

Threat and Vulnerability Management (TVM)

Define, implement and evaluate processes, procedures and technical measures for the periodic performance of penetration testing by independent third parties.


Login

Threat and Vulnerability Management (TVM)

Define, implement and evaluate processes, procedures and technical measures for the detection of vulnerabilities on organizationally managed assets at least monthly.


Login

Threat and Vulnerability Management (TVM)

Use a risk-based model for effective prioritization of vulnerability remediation using an industry recognized framework.


Login