Required Documentation & Templates

  • Asset Register (refer to CSF ID.AM-1)

  • Vulnerability Risk Register (cross-referenced with Incident Register)

  • Patch Management Log

  • TVM SOPs and Playbooks

  • Annual PenTest Report (with remediation tracker)

  • Communication Matrix (internal + regulatory)

PreviousMetrics and MonitoringNextRegulatory and FCA Compliance Mapping

Last updated