RA.L2-3.11.1
RA.L2-3.11.1: Risk Assessments
Periodically assess the risk to organizational operations, assets, and individuals from operating systems that process, store, or transmit CUI.
RA.L2-3.11.2
RA.L2-3.11.2: Vulnerability Scanning
Scan for vulnerabilities periodically and when new vulnerabilities are identified.
RA.L2-3.11.3
RA.L2-3.11.3: Vulnerability Remediation
Remediate vulnerabilities in accordance with assessments of risk.