💼 SI-2 FLAW REMEDIATION
- ID:
/frameworks/nist-sp-800-53-r4/si/02
Description
The organization: SI-2a. Identifies, reports, and corrects information system flaws; SI-2b. Tests software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation; SI-2c. Installs security-relevant software and firmware updates within [Assignment: organization-defined time period] of the release of the updates; and SI-2d. Incorporates flaw remediation into the organizational configuration management process.
Similar
- Internal
- ID:
dec-c-a8b77d4f
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 ID.RA-1: Asset vulnerabilities are identified and documented | 13 | 16 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.IP-12: A vulnerability management plan is developed and implemented | 7 | 9 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 SI-2 (1) CENTRAL MANAGEMENT | no data | ||||
| 💼 SI-2 (2) AUTOMATED FLAW REMEDIATION STATUS | no data | ||||
| 💼 SI-2 (3) TIME TO REMEDIATE FLAWS _ BENCHMARKS FOR CORRECTIVE ACTIONS | no data | ||||
| 💼 SI-2 (4) AUTOMATED PATCH MANAGEMENT TOOLS | no data | ||||
| 💼 SI-2 (5) AUTOMATIC SOFTWARE _ FIRMWARE UPDATES | no data | ||||
| 💼 SI-2 (6) REMOVAL OF PREVIOUS VERSIONS OF SOFTWARE _ FIRMWARE | no data |
Policies (2)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS DMS Replication Instance Auto Minor Version Upgrade is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance Auto Minor Version Upgrade is not enabled🟠🟢 | 1 | 🟠 x1, 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-0d66ed99 | 1 | |
| ✉️ dec-x-215302da | 1 |