The organization shall implement vulnerability management processes and procedures that include processing, analyzing and remedying vulnerabilities from internal and external sources.
The organization shall implement automated mechanisms to disseminate and track remediation efforts for vulnerability information, captured from internal and external sources, to key stakeholders.