Quarter of Smartphones Released with Security Flaws

John Storts
Slide Show

10-Step Security and Vulnerability Assessment Plan

Use this plan to ensure your information system controls are correctly implemented.

Written security policies are one thing, but they have to be backed up by other good practices and technical measures. When it comes to your critical IT products - the operating systems and applications you rely on for business - you have to make sure that they conform to those policies and good security practices in general. Achieving, verifying and maintaining that conformance requires a standard security configuration that all IT products must possess.


Security configuration checklists can significantly reduce exposure of those critical IT products to vulnerabilities. When customized for a particular business environment, they ensure that software or other products are configured properly.


The NIST, responsible for maintaining the National Checklist Repository, has uploaded security configuration checklist guidelines that can help you create custom-tailored checklists for your organization. For checklist users, these guidelines provide recommendations on how to select appropriate checklists, test and evaluate them and apply them to IT products. Checklist developers will find procedures, policies and requirements for participation in the National Checklist Program, in addition to helpful information about security threats and fundamental security practices.


Related Content

Performance Measurement Guide for Information Security

Guide to Using Vulnerability Naming Schemes

Security Assessment Policy Template

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making


SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data

Thanks for your registration, follow us on our social networks to keep up-to-date