RSK-07
Risk Assessment Update
Description
Mechanisms exist to routinely update risk assessments and react accordingly upon identifying new security vulnerabilities, including using outside sources for security vulnerability information.
Control Question
Does the organization routinely update risk assessments and react accordingly upon identifying new security vulnerabilities, including using outside sources for security vulnerability information?
Control Metadata
Domain:
Risk Management
Validation Cadence:
Annual
Framework Mappings
This control maps to the following compliance frameworks
MAS TRM
4.1.5
HKIA GL20
1.11.21.31.41.52.12.22.3