NIST 800-53 · RA — Risk Assessment
RA-5 Vulnerability monitoring and scanning
Monitor and scan for vulnerabilities and remediate them in line with risk.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- ISO 27001 · Equivalent · Official mapping
Source: NIST SP 800-53 Rev. 5 / ISO/IEC 27001
A.8.8 Management of technical vulnerabilities
Vulnerability management
- NIST CSF 2.0 · Equivalent · Official mapping
Source: NIST CSF 2.0 / SP 800-53 Rev. 5
ID.RA-01 Vulnerabilities identified and recorded
Vulnerability management
- CIS Controls v8 · Equivalent · Curated
7.1 Establish and maintain a vulnerability management process
Vulnerability management
- Cyber Essentials · Equivalent · Curated
CE-5 Security update management
Vulnerability management
- Essential Eight · Equivalent · Curated
E8-1 Patch applications
Vulnerability management
- Essential Eight · Equivalent · Curated
E8-2 Patch operating systems
Vulnerability management
- GLBA · Partial · Curated
§314.4(d) Regularly test or monitor safeguards
Vulnerability management
- NIST 800-171 · Equivalent · Curated
3.11.2 Scan for vulnerabilities
Vulnerability management
- PCI DSS · Equivalent · Curated
Req. 11 Test security of systems and networks regularly
Vulnerability management
- SOC 2 · Equivalent · Curated
CC7.1 Vulnerability detection and monitoring
Vulnerability management