A vulnerability scanner is used at least fortnightly to identify missing patches or updates for vulnerabilities in drivers.
Topic
Scanning for missing patches or updates
Applicable to
all
History
Dec 2023
A vulnerability scanner is used at least fortnightly to identify missing patches or updates for vulnerabilities in drivers.
The existing control relating to conducting vulnerability scanning to identify missing patches or updates for vulnerabilities in drivers and firmware was relaxed from weekly scanning to fortnightly scanning and split into two separate controls. [ISM-1703, ISM-1900]
Sep 2023
A vulnerability scanner is used at least weekly to identify missing patches or updates for vulnerabilities in drivers and firmware.
References to ‘security vulnerabilities’ were replaced with ‘vulnerabilities’.