💼 A.16.1.3 Reporting information security weaknesses
- ID:
/frameworks/iso-iec-27001-2013/16/01/03
Description​
Employees and contractors using the organization’s information systems and services shall be required to note and report any observed or suspected information security weaknesses in systems or services.
Similar​
- Internal
- ID:
dec-c-87fa1331
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 DE.DP-4: Event detection information is communicated | 29 | 33 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.IP-12: A vulnerability management plan is developed and implemented | 7 | 9 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|