| Panel |
|---|
Document Name: ACHE Vulnerability and Patch Management Standard |
| Table of Contents |
|---|
Introduction
Vulnerability management is a key component to the protection and maintenance of any modern compute system. NCSA policy requires all systems with high risk data to have a plan to identify and remediate security vulnerabilities. This standard sets describes how systems vulnerabilities are managed in the context of the regular patching and maintenance of systems in the Advanced Computational Health Enclave (ACHE).
Supporting Policies & References
There are several supporting policies, standards and guides, some of which include:
- NCSA Information Security Policy
- NCSA Network Security Policy
- Understanding Severities in the SECURITY JIRA Queue
Scope
This standard applies to all systems in the NCSA's Advanced Computational Health Enclave where there is not a more specific system-level standard. It includes any hardware dedicated to ACHE, including switches, hypervisors, and support systems as applicable. Exceptions are made for devices that cannot be scanned or updated.
This document's content has been moved into the NCSA Vulnerability Management Policy.