Requirement

Technical vulnerability management

Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.

Fulfill this requirement by completing the tasks below ->
Technical vulnerability management
This requirement is part of the framework:  

Other requirements of the framework

No items found.
0
Technical vulnerability management
No items found.
Technical cyber security
Best practices
How to implement:
Technical vulnerability management

Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.

Read below what concrete actions you can take to improve this ->
Technical cyber security
Technical vulnerability management
Frameworks that include requirements for this topic:
Nacionālās kiberdrošības likums (Latvia)
La loi NIS2 (Belgique)
NIST CSF 2.0
Kibernetinio Saugumo Įstatymas (Lithuania)
CIS 18 controls
DORA simplified RMF

How to improve security around this topic

In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.

Here's a list of tasks that help you improve your information and cyber security related to
Technical vulnerability management
Task name
Priority
Task completes
Complete these tasks to increase your compliance in this policy.
Critical
31 requirements
Regularly conducting penetration testing with predefined goals and scope
Critical
High
Normal
Low
4
requirements
Development and cloud
Technical vulnerability management

Regularly conducting penetration testing with predefined goals and scope

This task helps you comply with the following requirements

3.4.2: Involve relevant stakeholders in advanceNSM ICT-SP
3.4.1: Plan penetration testing with defined goals and scopeNSM ICT-SP
3.4.4: Perform regular penetration testing (at least annually) to identify vulnerabilitiesNSM ICT-SP
18.2: Perform Periodic External Penetration TestsCIS 18
Regularly conducting threat-led penetration testing (TLPT)
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Regularly conducting threat-led penetration testing (TLPT)

This task helps you comply with the following requirements

Article 26: Advanced testing of ICT tools, systems and processes based on TLPTDORA
Article 36: ICT security testingDORA simplified RMF
Process for managing technical vulnerabilities
Critical
High
Normal
Low
38
requirements
Development and cloud
Technical vulnerability management

Process for managing technical vulnerabilities

This task helps you comply with the following requirements

12.6.1: Management of technical vulnerabilitiesISO 27001
14.2.1: Secure development policyISO 27001
ID.RA-1: Asset vulnerabilitiesNIST
PR.IP-12: Vulnerability management planNIST
RS.AN-5: Vulnerability management processNIST
RS.MI-3: New vulnerability mitigationNIST
TEK-19: Ohjelmistohaavoittuvuuksien hallintaJulkri
8.8: Management of technical vulnerabilitiesISO 27001
THREAT-1: Reduce Cybersecurity VulnerabilitiesC2M2
CC7.1: Procedures for monitoring changes to configurationsSOC 2
The goals of threat intelligence and the collection of information related to information security threats
Critical
High
Normal
Low
10
requirements
Development and cloud
Technical vulnerability management

The goals of threat intelligence and the collection of information related to information security threats

This task helps you comply with the following requirements

5.7: Threat intelligenceISO 27001
77: Menettely toimintaympäristön seuraamiseenDigiturvan kokonaiskuvapalvelu
Article 13: Learning and evolvingDORA
4.1: Tietojärjestelmien tietoturvallisuusTiHL tietoturvavaatimukset
ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources.CyberFundamentals
3.3.4: Obtain and process threat information from relevant sourcesNSM ICT-SP
DE.AE-07: Information from cyber threat intelligence and other contextual informationNIST 2.0
27 § 1°: Volontaire échanger des informations pertinentes en matière de cybersécuritéNIS2 Belgium
Article 31: ICT risk managementDORA simplified RMF
Article 34: ICT operations securityDORA simplified RMF
Process for vulnerability disclosure
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Process for vulnerability disclosure

This task helps you comply with the following requirements

No items found.
Validation of security measuers after penetration testing
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Validation of security measuers after penetration testing

This task helps you comply with the following requirements

18.4: Validate Security MeasuresCIS 18
Establishing and maintaining a severity rating system for application vulnerabilities
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Establishing and maintaining a severity rating system for application vulnerabilities

This task helps you comply with the following requirements

16.6: Establish and Maintain a Severity Rating System and Process for Application VulnerabilitiesCIS 18
Performing root cause analysis on security vulnerabilities
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Performing root cause analysis on security vulnerabilities

This task helps you comply with the following requirements

16.3: Perform Root Cause Analysis on Security VulnerabilitiesCIS 18
Conducting automated vulnerability scans of externally-exposed enterprise assets
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Conducting automated vulnerability scans of externally-exposed enterprise assets

This task helps you comply with the following requirements

7.6: Perform Automated Vulnerability Scans of Externally-Exposed Enterprise AssetsCIS 18
Conducting automated vulnerability scans of internal enterprise assets
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Conducting automated vulnerability scans of internal enterprise assets

This task helps you comply with the following requirements

7.5: Perform Automated Vulnerability Scans of Internal Enterprise AssetsCIS 18
Standards for submitting vulnerability reports
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Standards for submitting vulnerability reports

This task helps you comply with the following requirements

39: Koordinēta ievainojamību atklāšanaNIS2 Latvia
Process for vulnerability remediation
Critical
High
Normal
Low
3
requirements
Development and cloud
Technical vulnerability management

Process for vulnerability remediation

This task helps you comply with the following requirements

40.(1): Ievainojamību atklāšana un novēršanaNIS2 Latvia
40.(2): Neaizsargātību novēršanas grafiksNIS2 Latvia
Use of vulnerability scanning and attack tools
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Use of vulnerability scanning and attack tools

This task helps you comply with the following requirements

3.4.3: Use vulnerability scanning tools and attack toolsNSM ICT-SP
Communicating the results of penetration tests
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Communicating the results of penetration tests

This task helps you comply with the following requirements

3.4.6: Communicate the results of penetration tests to relevant stakeholdersNSM ICT-SP
Defining a patch management process
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Defining a patch management process

This task helps you comply with the following requirements

5.2.5: Vulnerability managementTISAX
7.3: Perform Automated Operating System Patch ManagementCIS 18
Assessments for defining the scope for threat-led penetration testing (TLPT)
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Assessments for defining the scope for threat-led penetration testing (TLPT)

This task helps you comply with the following requirements

Article 26: Advanced testing of ICT tools, systems and processes based on TLPTDORA
16.13: Conduct Application Penetration TestingCIS 18
TLPT tester requirements
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

TLPT tester requirements

This task helps you comply with the following requirements

Article 27: Requirements for testers for the carrying out of TLPTDORA
Personnel support for chosen resilience testing operations
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Personnel support for chosen resilience testing operations

This task helps you comply with the following requirements

Article 25: Testing of ICT tools and systemsDORA
Separation of critical environments
Critical
High
Normal
Low
8
requirements
Development and cloud
Technical vulnerability management

Separation of critical environments

This task helps you comply with the following requirements

13.1.3: Segregation in networksISO 27001
PR.AC-5: Network integrityNIST
8.22: Segregation of networksISO 27001
2.3.1: Establish centrally managed practices for security updatesNSM ICT-SP
12.8: Establish and Maintain Dedicated Computing Resources for All Administrative WorkCIS 18
12.2: Establish and Maintain a Secure Network ArchitectureCIS 18
13.4: Perform Traffic Filtering Between Network SegmentsCIS 18
Authorized users and rules for installing software and libraries
Critical
High
Normal
Low
14
requirements
Development and cloud
Technical vulnerability management

Authorized users and rules for installing software and libraries

This task helps you comply with the following requirements

12.6.2: Restrictions on software installationISO 27001
SUM-02: Keeping licensed software up to dateCyber Essentials
DE.CM-5: Unauthorized mobile code detectionNIST
TEK-17: MuutoshallintamenettelytJulkri
8.19: Installation of software on operational systemsISO 27001
CC6.8: Detection and prevention of unauthorized or malicious softwareSOC 2
DE.CM-5: Unauthorized mobile code is detected.CyberFundamentals
1.2.2: Establish organisational guidelines for approved devices and softwareNSM ICT-SP
1.2.4: Identify the software in use at the organisationNSM ICT-SP
PR.PS-02: Software managementNIST 2.0
Anticipating capacity-related problems
Critical
High
Normal
Low
12
requirements
Development and cloud
Technical vulnerability management

Anticipating capacity-related problems

This task helps you comply with the following requirements

11.2.2: Supporting utilitiesISO 27001
12.1.3: Capacity managementISO 27001
PR.DS-4: AvailabilityNIST
TEK-22: Tietojärjestelmien saatavuusJulkri
8.6: Capacity managementISO 27001
7.11: Supporting utilitiesISO 27001
A1.1: Evaluation of current processing capacitySOC 2
PR.DS-4: Adequate capacity to ensure availability is maintained.CyberFundamentals
3.2.1: Determine a strategy and guidelines for security monitoringNSM ICT-SP
PR.IR-04: Resource capacityNIST 2.0
Regular vulnerability scanning
Critical
High
Normal
Low
32
requirements
Development and cloud
Technical vulnerability management

Regular vulnerability scanning

This task helps you comply with the following requirements

12.6.1: Management of technical vulnerabilitiesISO 27001
18.2.3: Technical compliance reviewISO 27001
14.2.8: System security testingISO 27001
6.5: Tietojärjestelmien asennus, ylläpito ja päivitysOmavalvontasuunnitelma
MWP-02: Automatic file scan by anti-malware softwareCyber Essentials
ID.RA-1: Asset vulnerabilitiesNIST
PR.IP-12: Vulnerability management planNIST
DE.CM-8: Vulnerability scans NIST
TEK-19: Ohjelmistohaavoittuvuuksien hallintaJulkri
5.36: Compliance with policies, rules and standards for information securityISO 27001
Initial treatment of identified technical vulnerabilities
Critical
High
Normal
Low
18
requirements
Development and cloud
Technical vulnerability management

Initial treatment of identified technical vulnerabilities

This task helps you comply with the following requirements

12.6.1: Management of technical vulnerabilitiesISO 27001
ID.RA-1: Asset vulnerabilitiesNIST
PR.IP-12: Vulnerability management planNIST
RS.AN-5: Vulnerability management processNIST
RS.MI-3: New vulnerability mitigationNIST
8.8: Management of technical vulnerabilitiesISO 27001
5.2.5: Vulnerability managementTISAX
PR.IP-12: A vulnerability management plan is developed and implemented.CyberFundamentals
ID.RA-1: Asset vulnerabilities are identified and documented.CyberFundamentals
RS.AN-5: Processes are established to receive, analyse, and respond to vulnerabilities disclosed to the organization from internal and external sources.CyberFundamentals
Selecting and tracking data sources for vulnerability information
Critical
High
Normal
Low
11
requirements
Development and cloud
Technical vulnerability management

Selecting and tracking data sources for vulnerability information

This task helps you comply with the following requirements

I23: Ohjelmistohaavoittuvuuksien hallintaKatakri
12.6.1: Management of technical vulnerabilitiesISO 27001
DE.CM-8: Vulnerability scans NIST
TEK-19: Ohjelmistohaavoittuvuuksien hallintaJulkri
8.8: Management of technical vulnerabilitiesISO 27001
I-19: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – OHJELMISTOHAAVOITTUVUUKSIEN HALLINTAKatakri 2020
5.2.5: Vulnerability managementTISAX
DE.CM-8: Vulnerability scans are performed.CyberFundamentals
3.1.1: Conduct regular vulnerability assessmentsNSM ICT-SP
3.1.2: Subscribe to vulnerability intelligence servicesNSM ICT-SP
Ohjelmistohaavoittuvuuksien säännöllinen tarkastelu (ST IV)
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Ohjelmistohaavoittuvuuksien säännöllinen tarkastelu (ST IV)

This task helps you comply with the following requirements

I23: Ohjelmistohaavoittuvuuksien hallintaKatakri
Ohjelmistohaavoittuvuuksien säännöllinen tarkastelu (ST III-II)
Critical
High
Normal
Low
1
requirements
Development and cloud
Technical vulnerability management

Ohjelmistohaavoittuvuuksien säännöllinen tarkastelu (ST III-II)

This task helps you comply with the following requirements

I23: Ohjelmistohaavoittuvuuksien hallintaKatakri
Regular penetration testing
Critical
High
Normal
Low
23
requirements
Development and cloud
Technical vulnerability management

Regular penetration testing

This task helps you comply with the following requirements

12.6.1: Management of technical vulnerabilitiesISO 27001
14.2.8: System security testingISO 27001
18.2.3: Technical compliance reviewISO 27001
DE.CM-8: Vulnerability scans NIST
5.36: Compliance with policies, rules and standards for information securityISO 27001
8.8: Management of technical vulnerabilitiesISO 27001
8.29: Security testing in development and acceptanceISO 27001
CC4.1: Evaluation of internal controlsSOC 2
CC7.1: Procedures for monitoring changes to configurationsSOC 2
I-19: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – OHJELMISTOHAAVOITTUVUUKSIEN HALLINTAKatakri 2020
Automating the handling of technical vulnerabilities
Critical
High
Normal
Low
5
requirements
Development and cloud
Technical vulnerability management

Automating the handling of technical vulnerabilities

This task helps you comply with the following requirements

RS.AN-5: Processes are established to receive, analyse, and respond to vulnerabilities disclosed to the organization from internal and external sources.CyberFundamentals
2.3.1: Establish centrally managed practices for security updatesNSM ICT-SP
7.7: Remediate Detected VulnerabilitiesCIS 18
Article 34: ICT operations securityDORA simplified RMF
Prioritization of identified technical vulnerabilities and remediation goals
Critical
High
Normal
Low
7
requirements
Development and cloud
Technical vulnerability management

Prioritization of identified technical vulnerabilities and remediation goals

This task helps you comply with the following requirements

4.1: Tietojärjestelmien tietoturvallisuusTiHL tietoturvavaatimukset
3.1.1: Conduct regular vulnerability assessmentsNSM ICT-SP
40.(1): Ievainojamību atklāšana un novēršanaNIS2 Latvia
40.(2): Neaizsargātību novēršanas grafiksNIS2 Latvia
18.3: Remediate Penetration Test FindingsCIS 18
Defining metrics related to vulnerability management
Critical
High
Normal
Low
4
requirements
Development and cloud
Technical vulnerability management

Defining metrics related to vulnerability management

This task helps you comply with the following requirements

39: Koordinēta ievainojamību atklāšanaNIS2 Latvia
16.2: Establish and Maintain a Process to Accept and Address Software VulnerabilitiesCIS 18
Hardening of virtual machines utilized in cloud service offering
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Hardening of virtual machines utilized in cloud service offering

This task helps you comply with the following requirements

CLD 9.5.2: Virtual machine hardeningISO 27017
16.7: Use Standard Hardening Configuration Templates for Application InfrastructureCIS 18
Regular testing of the vulnerability management process
Critical
High
Normal
Low
8
requirements
Development and cloud
Technical vulnerability management

Regular testing of the vulnerability management process

This task helps you comply with the following requirements

DE.DP-3: Detection processes testingNIST
TEK-19: Ohjelmistohaavoittuvuuksien hallintaJulkri
I-19: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – OHJELMISTOHAAVOITTUVUUKSIEN HALLINTAKatakri 2020
DE.DP-3: Detection processes are tested.CyberFundamentals
RS.AN-5: Processes are established to receive, analyse, and respond to vulnerabilities disclosed to the organization from internal and external sources.CyberFundamentals
ID.IM-04: Incident response and cybersecurity plansNIST 2.0
18.1: Establish and Maintain a Penetration Testing ProgramCIS 18
18.4: Validate Security MeasuresCIS 18
Säännöllinen kattava haavoittuvuusskannaus (TL IV)
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Säännöllinen kattava haavoittuvuusskannaus (TL IV)

This task helps you comply with the following requirements

TEK-19.1: Ohjelmistohaavoittuvuuksien hallintaJulkri
I-19: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – OHJELMISTOHAAVOITTUVUUKSIEN HALLINTAKatakri 2020
Säännöllinen kattava haavoittuvuusskannaus (TL III)
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Säännöllinen kattava haavoittuvuusskannaus (TL III)

This task helps you comply with the following requirements

TEK-19.2: Ohjelmistohaavoittuvuuksien hallinta - TL IIIJulkri
I-19: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – OHJELMISTOHAAVOITTUVUUKSIEN HALLINTAKatakri 2020
Maintaining system hardening
Critical
High
Normal
Low
2
requirements
Development and cloud
Technical vulnerability management

Maintaining system hardening

This task helps you comply with the following requirements

TEK-10.2: Järjestelmäkovennus - kovennusten varmistaminen koko elinkaaren ajanJulkri
I-08: VÄHIMMÄISTOIMINTOJEN JA VÄHIMPIEN OIKEUKSIEN PERIAATE – JÄRJESTELMÄKOVENNUSKatakri 2020
Regular analysis and utilization of information related to information security threats
Critical
High
Normal
Low
13
requirements
Development and cloud
Technical vulnerability management

Regular analysis and utilization of information related to information security threats

This task helps you comply with the following requirements

5.7: Threat intelligenceISO 27001
23: Häiriöiden- ja poikkeamienhallintaprosessiDigiturvan kokonaiskuvapalvelu
THREAT-2: Respond to Threats and Share Threat InformationC2M2
Article 13: Learning and evolvingDORA
3.3.4: Obtain and process threat information from relevant sourcesNSM ICT-SP
3.1.2: Subscribe to vulnerability intelligence servicesNSM ICT-SP
DE.AE-07: Information from cyber threat intelligence and other contextual informationNIST 2.0
ID.RA-03: Internal and external threats to the organizationNIST 2.0
ID.IM-02: Improvements from security tests and exercisesNIST 2.0
38: Kiberuzbrukumu attiecināšanaNIS2 Latvia
Monitoring of technical vulnerability communications
Critical
High
Normal
Low
4
requirements
Development and cloud
Technical vulnerability management

Monitoring of technical vulnerability communications

This task helps you comply with the following requirements

50: Teknisten haavoittuvuuksien seurantaDigiturvan kokonaiskuvapalvelu
THREAT-1: Reduce Cybersecurity VulnerabilitiesC2M2
9.3 §: Tietojärjestelmien hankinta ja kehittäminenKyberturvallisuuslaki
Article 34: ICT operations securityDORA simplified RMF
Regular monitoring of the vulnerability management process
Critical
High
Normal
Low
16
requirements
Development and cloud
Technical vulnerability management

Regular monitoring of the vulnerability management process

This task helps you comply with the following requirements

12.6.1: Management of technical vulnerabilitiesISO 27001
ID.RA-1: Asset vulnerabilitiesNIST
PR.IP-12: Vulnerability management planNIST
TEK-19: Ohjelmistohaavoittuvuuksien hallintaJulkri
8.8: Management of technical vulnerabilitiesISO 27001
I-19: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – OHJELMISTOHAAVOITTUVUUKSIEN HALLINTAKatakri 2020
1.5.1: Assessment of policies and requirementsTISAX
PR.IP-12: A vulnerability management plan is developed and implemented.CyberFundamentals
ID.RA-1: Asset vulnerabilities are identified and documented.CyberFundamentals
RS.AN-5: Processes are established to receive, analyse, and respond to vulnerabilities disclosed to the organization from internal and external sources.CyberFundamentals
Consideration of threat intelligence findings in the information security risk management process
Critical
High
Normal
Low
4
requirements
Development and cloud
Technical vulnerability management

Consideration of threat intelligence findings in the information security risk management process

This task helps you comply with the following requirements

5.7: Threat intelligenceISO 27001
3.3.4: Obtain and process threat information from relevant sourcesNSM ICT-SP
ID.IM-02: Improvements from security tests and exercisesNIST 2.0
Article 31: ICT risk managementDORA simplified RMF
Sharing threat intelligence
Critical
High
Normal
Low
9
requirements
Development and cloud
Technical vulnerability management

Sharing threat intelligence

This task helps you comply with the following requirements

5.7: Threat intelligenceISO 27001
77: Menettely toimintaympäristön seuraamiseenDigiturvan kokonaiskuvapalvelu
THREAT-2: Respond to Threats and Share Threat InformationC2M2
Article 45: Information-sharing arrangements on cyber threat information and intelligenceDORA
DE.CM-8: Vulnerability scans are performed.CyberFundamentals
RS.CO-5: Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness.CyberFundamentals
ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources.CyberFundamentals
PR.IP-8: Effectiveness of protection technologies is shared.CyberFundamentals
27 § 1°: Volontaire échanger des informations pertinentes en matière de cybersécuritéNIS2 Belgium
Monitoring the use of the available capacity
Critical
High
Normal
Low
3
requirements
Development and cloud
Technical vulnerability management

Monitoring the use of the available capacity

This task helps you comply with the following requirements

A1.1: Evaluation of current processing capacitySOC 2
4.1: Tietojärjestelmien tietoturvallisuusTiHL tietoturvavaatimukset
3.2.5: Verify that the monitoring is working as intendedNSM ICT-SP
Complete these tasks in Cyberday ISMS ->

How to comply with this requirement

In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.

Here's a list of tasks that help you comply with the requirement
Technical vulnerability management
of the framework  
Task name
Priority
Task completes
Complete these tasks to increase your compliance in this policy.
Critical
31 requirements
No other tasks found.
Complete these tasks in Cyberday ISMS ->

The ISMS component hierachy

When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.

Framework

Sets the overall compliance standard or regulation your organization needs to follow.

Requirements

Break down the framework into specific obligations that must be met.

Tasks

Concrete actions and activities your team carries out to satisfy each requirement.

Policies

Documented rules and practices that are created and maintained as a result of completing tasks.

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security