History

Priority

must

2017

Security vulnerabilities in operating systems, applications, drivers and hardware devicesassessed as moderate or low risk must be patched or mitigated within one month of thesecurity vulnerability being identified by vendors, independent 3rd parties, system ownersor users.

Control Added. No public explaination.