RA-5(2): Update Vulnerabilities to Be Scanned
- NIST Special Publication 800-53 Revision 4:
- RA-5(2): Update By Frequency / Prior To New Scan / When Identified
Update the system vulnerabilities to be scanned [Assignment (one or more): [Assignment: organization-defined frequency] , prior to a new scan, when new vulnerabilities are identified and reported].
Due to the complexity of modern software, systems, and other factors, new vulnerabilities are discovered on a regular basis. It is important that newly discovered vulnerabilities are added to the list of vulnerabilities to be scanned to ensure that the organization can take steps to mitigate those vulnerabilities in a timely manner.