
3.2.6 Vulnerability Remediation

Control Description

To ensure security vulnerabilities are well managed, FRFIs should:

- Maintain capabilities to ensure timely risk-based patching of vulnerabilities, in vendor software and internal applications, that considers the severity of the threat and vulnerability of the exposed systems;
- Apply patches at the earliest opportunity, commensurate with risk and in accordance with established timelines;
- Implement compensating controls as needed to sufficiently mitigate risks when remediation options are not available (e.g., "zero-day" attacks); and
- Regularly monitor and report on patching status and vulnerability remediation against defined timelines, including any backlog and exceptions.

Cross-Framework Mappings
