SM-06 Incident & Security Monitoring

Vulnerability Management

Weaknesses are found and fixed on a managed basis.

Domain: Incident & Security Monitoring
Control type: Detective
Automated / manual: Automated
Frequency: Per cycle
Framework reference: MAS Cyber Hygiene; MAS TRM

What good looks like

Regular scanning; findings prioritised, remediated within SLA and tracked.

Risk if it fails

Exploitable, unremediated weaknesses.

How Tess tests it

3 tests — each concludes only on cited evidence.

VM process & remediation SLAs defined

Design

Procedure: Inspect the process.
Expected: Defined.
Sample: 1 (design inspection)
Evidence: Scan reports, remediation tracker.

Scans performed on cadence

Operating

Procedure: Inspect scans.
Expected: Regular scanning.
Sample: 2–3
Evidence: Scan reports, remediation tracker.

Findings remediated within SLA & tracked

Operating

Procedure: Inspect remediation.
Expected: Timely and tracked.
Sample: 2–3
Evidence: Scan reports, remediation tracker.

Evidence Tess looks for

Scan reports, remediation tracker.

More in Incident & Security Monitoring

SM-01 Logging Standard & Retention SM-02 Access & Privileged Activity Logging SM-03 Time Synchronisation (NTP) SM-04 Security Alerting & Anomaly Monitoring

Want Tess to test SM-06 against your evidence?