Introduction and Purpose

This document details the vulnerability management policies and controls required to maintain high levels of system and application security in a diverse IT environment. It outlines the technology and procedures necessary for implementing a comprehensive, integrated program to detect and remediate vulnerabilities in operating systems, applications, mobile devices, cloud resources, and network devices to maintain maximum levels of security.