314.4(d)(2)(ii)—314.4(d)(2)(ii)
>Control Description
Vulnerability assessments, including any systemic scans or reviews of information systems reasonably designed to identify publicly known security vulnerabilities in your information systems based on the risk assessment, at least every six months; and whenever there are material changes to your operations or business arrangements; and whenever there are circumstances you know or have reason to know may have a material impact on your information security program.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.