RA-5 (2) - Update Vulnerabilities to Be Scanned
Control requirements
RA-5 (2) - 0
Update the system vulnerabilities to be scanned [Selection (one or more): [IBM Assignment: prior to a new scan]; prior to a new scan; when new vulnerabilities are identified and reported].
NIST supplemental guidance
Due to the complexity of modern software, systems, and other factors, new vulnerabilities are discovered on a regular basis. It is important that newly discovered vulnerabilities are added to the list of vulnerabilities to be scanned to ensure that the organization can take steps to mitigate those vulnerabilities in a timely manner.