UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close

LUL - G2402

Cyber Security Vulnerability Management

active, Most Current
Organization: LUL
Publication Date: 1 October 2018
Status: active
Page Count: 34
scope:

This guidance document is designed for use by TfL System Owners, System Administrators and the Cyber Security Incident Response Team (CSIRT).

The guidance applies to information, IT devices, networks, endpoints and users that are owned, operated or supported by TfL or on behalf of TfL. This includes:

a) user devices, including 'thick' and 'thin' desktop computers, portable devices such as laptops and mobile devices such as tablet computers and smartphones

b) servers (physical and virtual), including file servers, application servers, web servers, database servers and any servers that manage network connections.

c) network infrastructure and security components, including devices managing connections (switches, routers), devices for protecting the networks and systems (IDS/IPS) or devices managing network connections (firewalls, load balancers).

This guidance is a subset of TfL's Cyber Security Risk Management Policy P123 and the Cyber Security Testing Standard S1746 (see Diagram 1 below). The Cyber Security Testing guidance G2401 outlines the initial identification and testing stage of Vulnerability management.

Document History

G2402
October 1, 2018
Cyber Security Vulnerability Management
This guidance document is designed for use by TfL System Owners, System Administrators and the Cyber Security Incident Response Team (CSIRT). The guidance applies to information, IT devices,...

References

Advertisement