History
- Priority
- should
- Nov 2018
- Removed
- Removed due to being better served as supporting information.
- 2017
- Relevant sources should be monitored for information about new security vulnerabilities andassociated patches for operating systems, applications, drivers and hardware devices.
- Control Text Changed. No public explaination.
- 2015
- Agencies should monitor relevant sources for information about new vulnerabilities andassociated patches for operating systems, applications, drivers and hardware devices.
- 2010
- Agencies should monitor relevant sources for information about new vulnerabilities and security patches forsoftware and ICT equipment they use.
- 2008
- Agencies should: a. monitor relevant sources for information about new vulnerabilities and patches for software and hardware used by the agency b. take corrective action, including a risk assessment as necessary, when vulnerabilities that could affect systems are discovered c. follow their change management procedures when applying patches, including the testing of patches prior to their application to production systems d. replace obsolete software and hardware with products for which ongoing support is available.