7.2: Establish and Maintain a Remediation Process
CSF v1.1 References:
Control is new to this version of the control set and incorporates the following controls from the previous version: 3.6: Compare Back-to-Back Vulnerability Scans, 3.7: Utilize a Risk-Rating Process.
Control Statement
Establish and maintain a risk-based remediation strategy documented in a remediation process, with monthly, or more frequent, reviews.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]