VPM-04
Continuous Vulnerability Remediation Activities
Description
Mechanisms exist to address new threats and vulnerabilities on an ongoing basis and ensure assets are protected against known attacks.
Control Question
Does the organization address new threats and vulnerabilities on an ongoing basis and ensure assets are protected against known attacks?
Control Metadata
Domain:
Vulnerability & Patch Management
Validation Cadence:
Annual
Evidence Request List:
E-MNT-03 E-THR-05
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS234
21
MAS TRM
13.6.1(a)13.6.1(b)13.6.1(c)