VM-19—External Alerts and Advisories
>Control Description
Theme
Type
Policy/Standard
Incident Management Policy>Implementation Guidance
1. Ensure that a process has been defined and documented to review alerts and advisories from approved security forums. 2. Ensure that management reviews the list of approved security forums and updates accordingly. 3. Ensure all verified threats are communicated to authorized personnel and tracked to resolution
>Testing Procedure
1. Inspect and validate that a process has been defined and documented to review alerts and advisories from approved security forums. 2. Validate whether the management reviews the list of approved security forums and updates accordingly using last update evidence. 3. Validate communication and resolution evidence for a sample of verified threats.
>Audit Artifacts
>Framework Mappings
Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.
Ask AI
Configure your API key to use AI features.