GLBA · Elements of the information security program

§314.4(d) Regularly test or monitor safeguards

Regularly test or otherwise monitor the effectiveness of safeguards, including continuous monitoring or periodic penetration testing and vulnerability assessments.

Mapped across 10 provisions

Equivalent and related requirements in other frameworks and regulations.

CIS Controls v8PartialCurated
7.1 Establish and maintain a vulnerability management process
Vulnerability management
Cyber EssentialsPartialCurated
CE-5 Security update management
Vulnerability management
Essential EightPartialCurated
E8-1 Patch applications
Vulnerability management
Essential EightPartialCurated
E8-2 Patch operating systems
Vulnerability management
ISO 27001PartialCurated
A.8.8 Management of technical vulnerabilities
Vulnerability management
NIST 800-171PartialCurated
3.11.2 Scan for vulnerabilities
Vulnerability management
NIST 800-53PartialCurated
RA-5 Vulnerability monitoring and scanning
Vulnerability management
NIST CSF 2.0PartialCurated
ID.RA-01 Vulnerabilities identified and recorded
Vulnerability management
PCI DSSPartialCurated
Req. 11 Test security of systems and networks regularly
Vulnerability management
SOC 2PartialCurated
CC7.1 Vulnerability detection and monitoring
Vulnerability management

← All GLBA requirements