Vulnerability Assessment Service
Welcome! This is the Home Page for the Vulnerability Assessment (VA) Service provided by the IT PMO, part of our Systems Assurance mandate and maturing IT Security Program.
The VA service is a tool to assist system administrators, discovering network-attached devices, new services, and exposures that sysadmins and management need to be aware of.
This service was initiated in Fall/07 and initially targeted the most critial "core" application systems as determined by the University's Risk Management Steering Committee (RM-SC). The service has now expanded to regularly scan more than 500 servers and desk-tops in multiple departments on campus.
Concurrent with the roll-out of the service, an enterprise-level Vulnerability Assessment Policy and Practice Standard have been developed. These documents have been reviewed by ITSC and approved by the CIO on December 4/09. In accordance withe this policy we are working to include all servers on campus. Contact us if you would like your department's infrastructure scanned!
Project Background:
Here is a link to an Oct/07 Management Brief on this topic.
| Attachment | Size |
|---|---|
| 2007-Oct-VulnerabilityAssessmentMgmntBrief.pdf | 55.91 KB |
| CIO-ITSecurity-08.6-VA-2009Standard.pdf | 25.43 KB |
| CIO-ITSecurity-08.6-VA-2009Approved.pdf | 30.54 KB |