Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.RA-01.3: The organisation shall establish and maintain a documented process that enables continuous review, analysis and remediation of vulnerabilities and provides for information sharing where applicable. |
|
ID.RA-01.3 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p64 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p46 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that vulnerabilities are continuously reviewed, analysed, and remediated through a documented process that also supports information sharing where applicable. To achieve this goal, the organisation should: • Incorporate Lessons Learned and Emerging Threats The process should be updated based on incidents, changes in technology, and evolving threats, including those targeting OT systems and industrial protocols. • Use Internal Feedback and Metrics Audit results, performance indicators, and operator feedback should be used to refine the vulnerability management process, especially where manual processes are common. • Leverage Software Bills of Materials (SBOMs) SBOMs should be used to identify vulnerable components in both IT and OT software stacks, including embedded systems and firmware. • Monitor Threat Intelligence Sources Trusted sources such as vendor advisories, ICS-CERT, and ENISA should be monitored for vulnerabilities affecting OT products, control systems, and field devices. • Review Processes and Procedures Operational procedures, especiallythose involving remote access, maintenance, and safety-critical functions, should be reviewed for exploitable weaknesses. • Coordinate with Engineering and Operations Remediation efforts should be planned in coordination with OT and engineering teams to avoid unplanned downtime or safety risks. |
|
A general note, for any purpose. |
The goal of this control is to ensure that vulnerabilities are continuously reviewed, analysed, and remediated through a documented process that also supports information sharing where applicable. To achieve this goal, the organisation should: - Incorporate Lessons Learned and Emerging Threats The process should be updated based on incidents, changes in technology, and evolving threats, including those targeting OT systems and industrial protocols. - Use Internal Feedback and Metrics Audit results, performance indicators, and operator feedback should be used to refine the vulnerability management process, especially where manual processes are common. - Leverage Software Bills of Materials (SBOMs) SBOMs should be used to identify vulnerable components in both IT and OT software stacks, including embedded systems and firmware. - Monitor Threat Intelligence Sources Trusted sources such as vendor advisories, ICS-CERT, and ENISA should be monitored for vulnerabilities affecting OT products, control systems, and field devices. - Review Processes and Procedures Operational procedures, especiallythose involving remote access, maintenance, and safety-critical functions, should be reviewed for exploitable weaknesses. - Coordinate with Engineering and Operations Remediation efforts should be planned in coordination with OT and engineering teams to avoid unplanned downtime or safety risks. |
|
A general note, for any purpose. |
The goal of this control is to ensure that vulnerabilities are continuously reviewed, analysed, and remediated through a documented process that also supports information sharing where applicable. To achieve this goal, the organisation should: - Incorporate Lessons Learned and Emerging Threats The process should be updated based on incidents, changes in technology, and evolving threats, including those targeting OT systems and industrial protocols. - Use Internal Feedback and Metrics Audit results, performance indicators, and operator feedback should be used to refine the vulnerability management process, especially where manual processes are common. - Leverage Software Bills of Materials (SBOMs) SBOMs should be used to identify vulnerable components in both IT and OT software stacks, including embedded systems and firmware. - Monitor Threat Intelligence Sources Trusted sources such as vendor advisories, ICS-CERT, and ENISA should be monitored for vulnerabilities affecting OT products, control systems, and field devices. - Review Processes and Procedures Operational procedures, especiallythose involving remote access, maintenance, and safety-critical functions, should be reviewed for exploitable weaknesses. - Coordinate with Engineering and Operations Remediation efforts should be planned in coordination with OT and engineering teams to avoid unplanned downtime or safety risks. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that vulnerabilities are continuously reviewed, analysed, and remediated through a documented process that also supports information sharing where applicable. To achieve this goal, the organisation should:</p><ul><li>Incorporate Lessons Learned and Emerging Threats The process should be updated based on incidents, changes in technology, and evolving threats, including those targeting OT systems and industrial protocols.</li><li>Use Internal Feedback and Metrics Audit results, performance indicators, and operator feedback should be used to refine the vulnerability management process, especially where manual processes are common.</li><li>Leverage Software Bills of Materials (SBOMs) SBOMs should be used to identify vulnerable components in both IT and OT software stacks, including embedded systems and firmware.</li><li>Monitor Threat Intelligence Sources Trusted sources such as vendor advisories, ICS-CERT, and ENISA should be monitored for vulnerabilities affecting OT products, control systems, and field devices.</li><li>Review Processes and Procedures Operational procedures, especiallythose involving remote access, maintenance, and safety-critical functions, should be reviewed for exploitable weaknesses.</li><li>Coordinate with Engineering and Operations Remediation efforts should be planned in coordination with OT and engineering teams to avoid unplanned downtime or safety risks.</li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.RA-01.3 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Vulnerability review and remediation process |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall establish and maintain a documented process that enables continuous review, analysis and remediation of vulnerabilities and provides for information sharing where applicable. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
19 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 21 of 21
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1