πΌ SI-2 FLAW REMEDIATION
- Contextual name: πΌ SI-2 FLAW REMEDIATION
- ID:
/frameworks/nist-sp-800-53-r4/si/02 - Located in: πΌ SI SYSTEM AND INFORMATION INTEGRITY
Descriptionβ
The organization: SI-2a. Identifies, reports, and corrects information system flaws; SI-2b. Tests software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation; SI-2c. Installs security-relevant software and firmware updates within [Assignment: organization-defined time period] of the release of the updates; and SI-2d. Incorporates flaw remediation into the organizational configuration management process.
Similarβ
- Internal
- ID:
dec-c-a8b77d4f
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ ID.RA-1: Asset vulnerabilities are identified and documented | 14 | 15 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-12: A vulnerability management plan is developed and implemented | 7 | 8 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ SI-2 (1) CENTRAL MANAGEMENT | ||||
| πΌ SI-2 (2) AUTOMATED FLAW REMEDIATION STATUS | ||||
| πΌ SI-2 (3) TIME TO REMEDIATE FLAWS _ BENCHMARKS FOR CORRECTIVE ACTIONS | ||||
| πΌ SI-2 (4) AUTOMATED PATCH MANAGEMENT TOOLS | ||||
| πΌ SI-2 (5) AUTOMATIC SOFTWARE _ FIRMWARE UPDATES | ||||
| πΌ SI-2 (6) REMOVAL OF PREVIOUS VERSIONS OF SOFTWARE _ FIRMWARE |
Policies (1)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS RDS Instance Auto Minor Version Upgrade is not enabled π π’ | 1 | π x1, π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-215302da | 1 |