💼 SI-2 FLAW REMEDIATION

Contextual name: 💼 SI-2 FLAW REMEDIATION
ID: /frameworks/nist-sp-800-53-r4/si/02
Located in: 💼 SI SYSTEM AND INFORMATION INTEGRITY

Description

The organization: SI-2a. Identifies, reports, and corrects information system flaws; SI-2b. Tests software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation; SI-2c. Installs security-relevant software and firmware updates within [Assignment: organization-defined time period] of the release of the updates; and SI-2d. Incorporates flaw remediation into the organizational configuration management process.

Similar

Internal
- ID: dec-c-a8b77d4f

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 ID.RA-1: Asset vulnerabilities are identified and documented		13	15
💼 NIST CSF v1.1 → 💼 PR.IP-12: A vulnerability management plan is developed and implemented		7	9

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 SI-2 (1) CENTRAL MANAGEMENT
💼 SI-2 (2) AUTOMATED FLAW REMEDIATION STATUS
💼 SI-2 (3) TIME TO REMEDIATE FLAWS _ BENCHMARKS FOR CORRECTIVE ACTIONS
💼 SI-2 (4) AUTOMATED PATCH MANAGEMENT TOOLS
💼 SI-2 (5) AUTOMATIC SOFTWARE _ FIRMWARE UPDATES
💼 SI-2 (6) REMOVAL OF PREVIOUS VERSIONS OF SOFTWARE _ FIRMWARE

Policies (2)

Policy	Logic Count	Flags
📝 AWS DMS Replication Instance Auto Minor Version Upgrade is not enabled 🟢	1	🟢 x6
📝 AWS RDS Instance Auto Minor Version Upgrade is not enabled 🟠🟢	1	🟠 x1, 🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0d66ed99	1
✉️ dec-x-215302da	1

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (2)​

Internal Rules​