Jeremy Pickett 1/6/25 Jeremy Pickett 1/6/25

PR.PT-3: Protective Technology

The principle of least functionality is incorporated by configuring systems to provide only essential capabilities.

Jeremy Pickett 12/30/24 Jeremy Pickett 12/30/24

PR.MA-1: Maintenance

Maintenance and repair of organizational assets are performed and logged in a timely manner, with approved and controlled tools.

Jeremy Pickett 12/27/24 Jeremy Pickett 12/27/24

A vulnerability management plan is developed and implemented.

Jeremy Pickett 12/26/24 Jeremy Pickett 12/26/24

Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening).

Jeremy Pickett 12/24/24 Jeremy Pickett 12/24/24

Response and recovery plans are tested.

Jeremy Pickett 12/23/24 Jeremy Pickett 12/23/24

Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed.

Jeremy Pickett 12/20/24 Jeremy Pickett 12/20/24

Effectiveness of protection technologies is shared and analyzed.

Jeremy Pickett 12/19/24 Jeremy Pickett 12/19/24

Protection processes are improved.

Jeremy Pickett 12/18/24 Jeremy Pickett 12/18/24

Data is destroyed according to policy.

Jeremy Pickett 12/17/24 Jeremy Pickett 12/17/24

Policy and regulations regarding the physical operating environment for organizational assets are met.

Jeremy Pickett 12/16/24 Jeremy Pickett 12/16/24

Backups of information are conducted, maintained, and tested periodically.

Jeremy Pickett 12/13/24 Jeremy Pickett 12/13/24

Configuration change control processes are in place.