Navigate

CCI-000285

CCI-000285 Definition

The organization conducts announced or unannounced assessments (in-depth monitoring, malicious user testing, penetration testing, red team exercises, or other organization-defined forms of security assessment), on an organization-defined frequency, to ensure compliance with all vulnerability mitigation procedures.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000285.

Control	Description
No controls