search

Patch and Remediation Management (SP 800-40r4)

  • Prioritise patches by risk tier.

  • Track remediation progress via ITSM tools (e.g., Jira, ServiceNow).

  • Where patches are not feasible, document compensating controls or isolation steps.

References:

SP 800-40r4 https://csrc.nist.gov/pubs/sp/800/40/r4/finalarrow-up-right

ITSM tools https://itsm.tools/arrow-up-right

PreviousRisk Analysis and Prioritisation (SP 800-30r1)NextPenetration Testing and Technical Security Assessments (SP 800-115)

Last updated