NIST CSF 2.0 · ID Identify

ID.RA-01 Vulnerabilities identified and recorded

Vulnerabilities in assets are identified, validated and recorded.

Mapped across 17 provisions

Equivalent and related requirements in other frameworks and regulations.

CIS Controls v8EquivalentOfficial mapping
Source: CIS Controls v8 / NIST CSF 2.0
7.1 Establish and maintain a vulnerability management process
Gestion des vulnérabilités
NIST 800-53EquivalentOfficial mapping
Source: NIST CSF 2.0 / SP 800-53 Rev. 5
RA-5 Vulnerability monitoring and scanning
Gestion des vulnérabilités
NIST 800-53PartialOfficial mapping
Source: NIST CSF 2.0 / SP 800-53 Rev. 5
RA-3 Risk assessment
Évaluation et gestion des risques
PCI DSSEquivalentOfficial mapping
Source: PCI DSS v4.0 / NIST CSF 2.0
Req. 11 Test security of systems and networks regularly
Gestion des vulnérabilités
CCPA / CPRARelatedCurated
§1798.150 Duty to implement reasonable security
Évaluation et gestion des risques
Cyber EssentialsEquivalentCurated
CE-5 Security update management
Gestion des vulnérabilités
DORARelatedCurated
Art. 6 ICT risk management framework
Évaluation et gestion des risques
Essential EightEquivalentCurated
E8-1 Patch applications
Gestion des vulnérabilités
Essential EightEquivalentCurated
E8-2 Patch operating systems
Gestion des vulnérabilités
GLBAPartialCurated
§314.4(d) Regularly test or monitor safeguards
Gestion des vulnérabilités
HIPAARelatedCurated
§164.308(a)(1) Security management process
Évaluation et gestion des risques
ISO 27001EquivalentCurated
A.8.8 Management of technical vulnerabilities
Gestion des vulnérabilités
LGPDPartialCurated
Art. 46 Security measures
Évaluation et gestion des risques
NIS2RelatedCurated
Art. 21(2)(a) Risk analysis and information system security policies
Évaluation et gestion des risques
NIST 800-171EquivalentCurated
3.11.2 Scan for vulnerabilities
Gestion des vulnérabilités
NIST 800-171RelatedCurated
3.11.1 Periodically assess risk
Évaluation et gestion des risques
SOC 2EquivalentCurated
CC7.1 Vulnerability detection and monitoring
Gestion des vulnérabilités

← All NIST CSF 2.0 subcategories