Navigate

CCI-001068

CCI-001068 Definition

The organization employs automated mechanisms to compare the results of vulnerability scans over time to determine trends in information system vulnerabilities.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed must configure and implement automated mechanisms which provide the capability to compare the results of vulnerability scans over time to determine trends in information system vulnerabilities.

Validation Procedures

The organization conducting the inspection/assessment validates the organization is employing automated mechanisms to compare the results of vulnerability scans over time to determine trends in information system vulnerabilities.

Compelling Evidence

1.) Standard operating procedure (SOP). 2.) Reference to standard operating procedure (SOP) section on the automated process for comparing vulnerability scan results.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001068.

Control	Description
RA-5 (6)	The organization employs automated mechanisms to compare the results of vulnerability scans over time to determine trends in information system vulnerabilities.