Identify and involve the relevant stakeholders of the vulnerability analysis and resolution process as planned.
Measure and control the vulnerability analysis and resolution process against the plan for performing the process and take appropriate corrective action.
Objectively evaluate adherence of the vulnerability analysis and resolution process against its process description, standards, and procedures, and address non-compliance.
Review the activities, status, and results of the vulnerability analysis and resolution process with higher level managers and resolve issues.
Vulnerability analysis and resolution is institutionalized as a defined process.
Establish and maintain the description of a defined vulnerability analysis and resolution process.
Collect vulnerability analysis and resolution work products, measures, measurement results, and improvement information derived from planning and performing the process to support future use and improvement of the organization’s processes and process assets.
Passcode