History
- Priority
- must
- Nov 2018
- Removed
- Removed due to a merge of relevant content into security control 1163.
- 2017
- Agencies must mitigate or otherwise treat identified vulnerabilities as soon as possible.
- 2015
- Agencies must mitigate or otherwise treat identified vulnerabilities as soon as possible.
- 2010
- Agencies must analyse and treat any security risks to their systems identified during avulnerability assessment.
- 2008
- Agencies should analyse and treat any risks to their systems identified during a vulnerability assessment.