6.1 Establish a process to identify security vulnerabilities, using reputable outside sources for security vulnerability information, and assign a risk ranking (for example, as “high,” “medium,” or “low”) to newly discovered security vulnerabilities
|
|
0
|
77
|
February 13, 2023
|
Requirement 6: Develop and maintain secure systems and applications
|
|
0
|
111
|
February 13, 2023
|
5.4 Ensure that security policies and operational procedures for protecting systems against malware are documented, in use, and known to all affected parties
|
|
0
|
75
|
February 13, 2023
|
5.3 Ensure that anti-virus mechanisms are actively running and cannot be disabled or altered by users, unless specifically authorized by management on a case-by-case basis for a limited time period
|
|
0
|
84
|
February 13, 2023
|
5.2 Ensure that all anti-virus mechanisms are maintained as follows:
|
|
0
|
49
|
February 13, 2023
|
5.1.2 For systems considered to be not commonly affected by malicious software, perform periodic evaluations to identify and evaluate evolving malware threats in order to confirm whether such systems continue to not require anti-virus software
|
|
0
|
280
|
February 13, 2023
|
5.1.1 Ensure that anti-virus programs are capable of detecting, removing, and protecting against all known types of malicious software
|
|
0
|
53
|
February 13, 2023
|
5.1 Deploy anti-virus software on all systems commonly affected by malicious software (particularly personal computers and servers)
|
|
0
|
88
|
February 13, 2023
|
Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs
|
|
0
|
82
|
February 9, 2023
|