GLBA · Elements of the information security program

§314.4(d) Regularly test or monitor safeguards

Regularly test or otherwise monitor the effectiveness of safeguards, including continuous monitoring or periodic penetration testing and vulnerability assessments.

Mapped across 10 provisions

Equivalent and related requirements in other frameworks and regulations.

CIS Controls v8PartialCurated
7.1 Establish and maintain a vulnerability management process
Gestion des vulnérabilités
Cyber EssentialsPartialCurated
CE-5 Security update management
Gestion des vulnérabilités
Essential EightPartialCurated
E8-1 Patch applications
Gestion des vulnérabilités
Essential EightPartialCurated
E8-2 Patch operating systems
Gestion des vulnérabilités
ISO 27001PartialCurated
A.8.8 Management of technical vulnerabilities
Gestion des vulnérabilités
NIST 800-171PartialCurated
3.11.2 Scan for vulnerabilities
Gestion des vulnérabilités
NIST 800-53PartialCurated
RA-5 Vulnerability monitoring and scanning
Gestion des vulnérabilités
NIST CSF 2.0PartialCurated
ID.RA-01 Vulnerabilities identified and recorded
Gestion des vulnérabilités
PCI DSSPartialCurated
Req. 11 Test security of systems and networks regularly
Gestion des vulnérabilités
SOC 2PartialCurated
CC7.1 Vulnerability detection and monitoring
Gestion des vulnérabilités

← All GLBA requirements