Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.RA-08.1: The organisation shall establish and implement a vulnerability management plan to identify, analyse, assess, mitigate and communicate all types of vulnerabilities including in the form of a Coordinated Vulnerability Disclosure (CVD) according to applicable legal modalities. |
|
ID.RA-08.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p71 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p52 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that all types of vulnerabilities are systematically identified, analysed, assessed, mitigated, and communicated through a documented vulnerability management plan. This includes handling disclosures in line with Coordinated Vulnerability Disclosure (CVD) practices and applicable legal requirements. To achieve this goal, the organisation should: - Establish a Comprehensive Vulnerability Management Plan The plan should cover vulnerabilities from internal testing, external sources such as security bulletins, and disclosures from researchers, vendors, partners, or government cybersecurity bodies. - Assign Responsibilities and Monitor Implementation Clearroles should be defined forprocessing, analysing, and responding to disclosedvulnerabilities. Implemen- tation of procedures should be monitored to ensure timely and effective handling. - Support Coordinated Vulnerability Disclosure (CVD) The plan should include procedures forreceiving and responding tovulnerabilityreports from external parties. CVD practices should align with guidance provided by ENISA’s CVD framework, which outlines legal, tech- nical, and communication considerations. - Ensure OT-Specific Coverage The plan should address vulnerabilities in OT environments, including legacy systems, vendor-managed components, and embedded firmware, where patching or mitigation may require coordination with engi- neering teams. |
|
A general note, for any purpose. |
The goal of this control is to ensure that all types of vulnerabilities are systematically identified, analysed, assessed, mitigated, and communicated through a documented vulnerability management plan. This includes handling disclosures in line with Coordinated Vulnerability Disclosure (CVD) practices and applicable legal requirements. To achieve this goal, the organisation should: - Establish a Comprehensive Vulnerability Management Plan The plan should cover vulnerabilities from internal testing, external sources such as security bulletins, and disclosures from researchers, vendors, partners, or government cybersecurity bodies. - Assign Responsibilities and Monitor Implementation Clearroles should be defined forprocessing, analysing, and responding to disclosedvulnerabilities. Implemen- tation of procedures should be monitored to ensure timely and effective handling. - Support Coordinated Vulnerability Disclosure (CVD) The plan should include procedures forreceiving and responding tovulnerabilityreports from external parties. CVD practices should align with guidance provided by ENISA’s CVD framework, which outlines legal, tech- nical, and communication considerations. - Ensure OT-Specific Coverage The plan should address vulnerabilities in OT environments, including legacy systems, vendor-managed components, and embedded firmware, where patching or mitigation may require coordination with engi- neering teams. |
|
A general note, for any purpose. |
The goal of this control is to ensure that all types of vulnerabilities are systematically identified, analysed, assessed, mitigated, and communicated through a documented vulnerability management plan. This includes handling disclosures in line with Coordinated Vulnerability Disclosure (CVD) practices and applicable legal requirements. To achieve this goal, the organisation should: • Establish a Comprehensive Vulnerability Management Plan The plan should cover vulnerabilities from internal testing, external sources such as security bulletins, and disclosures from researchers, vendors, partners, or government cybersecurity bodies. • Assign Responsibilities and Monitor Implementation Clearroles should be defined forprocessing, analysing, and responding to disclosedvulnerabilities. Implemen- tation of procedures should be monitored to ensure timely and effective handling. • Support Coordinated Vulnerability Disclosure (CVD) The plan should include procedures forreceiving and responding tovulnerabilityreports from external parties. CVD practices should align with guidance provided by ENISA’s CVD framework, which outlines legal, tech- nical, and communication considerations. • Ensure OT-Specific Coverage The plan should address vulnerabilities in OT environments, including legacy systems, vendor-managed components, and embedded firmware, where patching or mitigation may require coordination with engi- neering teams. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that all types of vulnerabilities are systematically identified, analysed, assessed, mitigated, and communicated through a documented vulnerability management plan. This includes handling disclosures in line with Coordinated Vulnerability Disclosure (CVD) practices and applicable legal requirements. To achieve this goal, the organisation should:</p><ul><li>Establish a Comprehensive Vulnerability Management Plan The plan should cover vulnerabilities from internal testing, external sources such as security bulletins, and disclosures from researchers, vendors, partners, or government cybersecurity bodies.</li><li>Assign Responsibilities and Monitor Implementation Clearroles should be defined forprocessing, analysing, and responding to disclosedvulnerabilities. Implemen- tation of procedures should be monitored to ensure timely and effective handling.</li><li>Support Coordinated Vulnerability Disclosure (CVD) The plan should include procedures forreceiving and responding tovulnerabilityreports from external parties. CVD practices should align with guidance provided by ENISA’s CVD framework, which outlines legal, tech- nical, and communication considerations.</li><li>Ensure OT-Specific Coverage The plan should address vulnerabilities in OT environments, including legacy systems, vendor-managed components, and embedded firmware, where patching or mitigation may require coordination with engi- neering teams.</li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.RA-08.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Vulnerability management plan |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall establish and implement a vulnerability management plan to identify, analyse, assess, mitigate and communicate all types of vulnerabilities including in the form of a Coordinated Vulnerability Disclosure (CVD) according to applicable legal modalities. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
21 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 23 of 23
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1