Details

Implementation Group 1 – Does the Organization have an established policy defining a timeframe to to remediate software issues, such as removing unauthorized applications and/or patching out of date/unsupported software?

Supportive Information

The following resource is also helpful.

• https://controls-assessment-specification.readthedocs.io/en/latest

This control applies to the following type of system Unix.

References

• CSCv7|2.1

Source

• Tenable.com/audits