UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

DODD 8531.01

DOD VULNERABILITY MANAGEMENT

active, Most Current
Organization: DODD
Publication Date: 15 September 2020
Status: active
Page Count: 24
scope:

Purpose:

In accordance with the authority in DoD Directive 5144.02, this issuance:

• Establishes policy, assigns responsibilities, and provides procedures for DoD vulnerability management and response to vulnerabilities identified in all software, firmware, and hardware within the DoD information network (DODIN).

• Establishes a uniform DoD Component-level cybersecurity vulnerability management program based on federal and DoD standards.

• Establishes policy and assigns responsibilities for the DoD Vulnerability Disclosure Program (VDP).

• Establishes policy, assigns responsibilities, and provides procedures for DoD's participation in the Vulnerabilities Equities Process (VEP), in accordance with the Vulnerabilities Equities Policy and Process for the U.S. Government (USG).

Document History

DODD 8531.01
September 15, 2020
DOD VULNERABILITY MANAGEMENT
Purpose: In accordance with the authority in DoD Directive 5144.02, this issuance: • Establishes policy, assigns responsibilities, and provides procedures for DoD vulnerability management and...

References

This document references:
DODD 5144.02(D) CE-01 - DoD Chief Information Officer (DoD CIO)
Published by DODD on September 19, 2017
PURPOSE. Under the authority vested in the Secretary of Defense by section 113 of Title 10, United States Code (U.S.C.) (Reference (a)), this directive: a. Assigns the responsibilities, functions,...
This document references:
DODD 5000.02 - Operation of the Defense Acquisition System
Published by DOD on August 31, 2018
PURPOSE. This instruction: a. In accordance with the authority in DoD Directive (DoDD) 5000.01 (Reference (a)) and DoDD 5134.01 (Reference (cm)), reissues the interim DoD Instruction 5000.02...
This document references:
DODD 5144.02(D) CE-01 - DoD Chief Information Officer (DoD CIO)
Published by DODD on September 19, 2017
PURPOSE. Under the authority vested in the Secretary of Defense by section 113 of Title 10, United States Code (U.S.C.) (Reference (a)), this directive: a. Assigns the responsibilities, functions,...
This document references:
DODD 5505.13E(D) CE-01 - DoD Executive Agent (EA) for the DoD Cyber Crime Center (DC3)
Published by DODD on July 27, 2017
PURPOSE. This Directive: a. Directs the establishment of DC3 as an entity within the Department of the Air Force and establishes the functions of DC3. b. Designates the Secretary of the Air Force...
This document references:
DODD 8310.01 - Information Technology Standards In The Dod
Published by DODD on April 7, 2023
Purpose: In accordance with the authority in DoD Directive (DoDD) 5144.02, this issuance establishes policy, assigns responsibilities, and authorizes a process for identifying, developing, adopting,...
This document references:
DODD 8320.03 - Unique Identification (UID) Standards for Supporting the DoD Information Enterprise
Published by DOD on August 31, 2018
PURPOSE. This instruction: a. Reissues DoD Directive (DoDD) 8320.03 (Reference (a)) as a DoD instruction (DoDI) in accordance with the authority in DoDD 5134.01 (Reference (b)) to establish policy...
This document is referenced by:
DODD 8510.01 - Risk Management Framework (RMF) for DoD Information Technology (IT)
Published by DOD on May 24, 2016
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
This document is referenced by:
DODD 8551.01 - Ports, Protocols, and Services Management
Published by DODD on May 31, 2023
Purpose: In accordance with the authority in DoD Directive 5144.02 and the guidance in DoD Instruction (DoDI) 8500.01, this issuance: • Establishes policy and standardizes procedures for cataloging,...
This document is referenced by:
DODD 8530.01-M - CYBERSECURITY ACTIVITIES SUPPORT PROCEDURES
Published by DODD on May 31, 2023
Purpose: In accordance with the authority in DoD Directive (DoDD) 5144.02 and the policy and guidance in DoD Instruction (DoDI) 8530.01, this issuance assigns responsibilities and provides procedures...
This document is referenced by:
DODD 8530.03 - CYBER INCIDENT RESPONSE
Published by DODD on August 9, 2023
Purpose: In accordance with the authority in DoD Directive (DoDD) 5144.02, and pursuant to Subchapter II of Chapter 35 of Title 44, United States Code (U.S.C.), also known and referred to in this...
View Less
View All
Advertisement