Make Operating Systems, Applications Safer from Exploits and Attacks

John Storts

Written security policies are one thing, but they have to be backed up by other good practices and technical measures. When it comes to your critical IT products - the operating systems and applications you rely on for business - you have to make sure that they conform to those policies and good security practices in general. Achieving, verifying and maintaining that conformance requires a standard security configuration that all IT products must possess.


Security configuration checklists can significantly reduce exposure of those critical IT products to vulnerabilities. When customized for a particular business environment, they ensure that software or other products are configured properly.


NIST, which is responsible for maintaining the National Checklist Repository, has uploaded security configuration checklist guidelines that can help you create custom-tailored checklists for your organization. For checklist users, these guidelines provide recommendations on how to select appropriate checklists, test and evaluate them, and apply them to IT products. Checklist developers will find procedures, policies and requirements for participation in the National Checklist Program, in addition to helpful information about security threats and fundamental security practices.

