Vulnerability Assessment Policy

Approved by the CIO, December 4/09.

Excerpt: "Vulnerability management is an important foundational component of the University's security program. The process of network discovery/scanning, identification of vulnerabilities, assessment, patching and mitigation is referred to as vulnerability management. A centrally-administered vulnerability assessment (VA) service will be utilized to discover vulnerabilities anywhere within the university technology environment, manage remediation of identified vulnerabilities, and monitor compliance."

For information on the Vulnerability Assessment Service provided by CCS Information Security, click here.

Full text of Vulnerability Assessment Policy:Updated November/09 Vulnerability Assessment Policy   and Vulnerability Assessment Practice Standard.