>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

VM-11Enterprise Antivirus Scope

>Control Description

Vulnerability scans are periodically performed on systems that do not require anti-virus; management determines if anti-virus should be required on the system based on scan results and associated risk.

Theme

Process

Type

Corrective

Policy/Standard

Vulnerability Management Policy

>Implementation Guidance

1. Ensure a process is defined and documented to perform vulnerability scans on all systems. 2. Ensure the process identifies systems on which antivirus should be deployed.

>Testing Procedure

1. Inspect and validate a process is defined and documented to perform vulnerability scans on all systems. 2. Validate whether the scan identifies systems on which antivirus should be deployed.

>Audit Artifacts

E-VM-01
E-RM-02

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

PCI DSS
5

5.2
5.2.1
5.2.2
5.2.3
5.2.3.1

Cyber Essentials
1

MP

Ask AI

Configure your API key to use AI features.