# Remediation Management

[[Remediation Management]] is a [[Control Verification]] capability that is responsible for ensuring that identified security issues are remediated in a timely fashion based on the risk to the business. For example, many companies prioritize patching systems that are publicly exposed over hosts that can only be reached internally.

## Map

```mermaid <!-- element style="width:90%; height:auto" -->
graph TD
    Top[[Cybersecurity]] --- D[[Control Verification]]
    D --- D.1[[Attack Surface Enumeration]]
    D --- D.2[[Resilience Testing]]
    D --- D.3[[Risk Prioritization]]
    D --- D.4[[Remediation Management]]
    D --- D.5[[Assurance Reporting]]

    %% Class Definitions
    %% =====================
    class Top,A,A.1,A.2,A.3,A.4,A.5,A.6,B,B.1,B.2,B.3,B.4,B.5,C,C.1,C.2,C.3,C.4,D,D.1,D.2,D.3,D.4,D.5,E,E.1,E.2,E.3,E.4,E.5,E.6 internal-link,font-color:white;

    class Top cssClassL0;
    classDef cssClassL0 fill:black,stroke:black,stroke-width:4px,font-size:15px,font-color:white;

    class A,B,C,D,E cssClassL1;
    classDef cssClassL1 fill:darkblue,stroke:darkblue,stroke-width:4px,font-size:15px,font-color:white;

    class A.1,A.3,A.4,A.5,A.6,B.1,B.2,B.3,B.4,B.5,C.1,C.2,C.3,C.4,D.1,D.2,D.3,D.4,D.5,E.1,E.2,E.3,E.4,E.5,E.6 cssClassL2;
    classDef cssClassL2 fill:blue,stroke:blue,stroke-width:4px,font-size:15px,font-color:white;

    class D.4 cssClassCurrent;
    classDef cssClassCurrent fill:#2f9503,stroke:#2f9503,stroke-width:4px,font-size:15px,font-color:white;
```

## Definition

>[!success] Definition
> Remediation Management is the process of ensuring security findings are published, prioritized, and closed out in a timely fashion.

## Goals

## Scope

## Process

## Metrics

>[!cm-metric] Metric: Average # of Days from Patch Availability to Patch Deployment

>[!cm-metric] Metric: Ratio of Days to Complete Critical Patching vs. Days to Complete Non-Critical Patching

>[!cm-metric] Metric: Patches Completed within Service Level Agreement (SLA)

>[!cm-metric] Metric: Patches Completed out of Service Level Agreement (SLA) (OOSLA)

>[!cm-metric] Metric: % of Assets with Patching Exceptions

>[!cm-metric] Metric: % of All Assets that can be Patched within Service Level Agreement (SLA)

>[!cm-metric] Metric: Average Number of Downtime Hours Related to Patching

>[!cm-metric] Metric: Average Number of Hours Required to Develop a Security Fix

>[!cm-metric] Metric: Average Number of Hours Required to Correct a Misconfiguration

>[!cm-metric] Metric: [[% of Assets covered by auto-remediation]]

>[!cm-metric] Metric: [[Daily Active Users for Security Tools]]

## Inspiration & Resources

+ [PSIRT Services Framework 1.1 (first.org)](https://www.first.org/standards/frameworks/psirts/psirt_services_framework_v1.1)

## [Cyber City Map](https://cybercitymap.com/) © 2023-2024 by [ThirdScore, Inc.](https://thirdscore.com/) All Rights Reserved.
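The patching metrics listed in the Metrics section above can be computed directly from a findings register. The following Python is an added example and is not part of the Cyber City Map page: the SLA day values per severity, the sample findings, the `Finding` class and the function names are all constructed for illustration. It computes the average days from patch availability to deployment, the critical vs. non-critical ratio, the within-SLA / out-of-SLA (OOSLA) counts, the percentage of assets with patching exceptions, and orders the open findings the way the introduction describes (publicly exposed assets first).

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Optional

# Constructed risk-based SLA policy: days allowed from patch availability
# to deployment for each severity. These values are an assumption for the
# example, not figures from the Cyber City Map page.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


@dataclass
class Finding:
    asset: str
    severity: str
    internet_facing: bool
    patch_available: date            # day the vendor fix became available
    deployed: Optional[date] = None  # None while the finding is still open
    exception: bool = False          # documented patching exception on record

    @property
    def sla_deadline(self) -> date:
        return self.patch_available + timedelta(days=SLA_DAYS[self.severity])

    def days_to_deploy(self) -> Optional[int]:
        if self.deployed is None:
            return None
        return (self.deployed - self.patch_available).days


def avg_days_to_deploy(findings: List[Finding]) -> float:
    """Average # of days from patch availability to patch deployment."""
    durations = [f.days_to_deploy() for f in findings if f.deployed is not None]
    return sum(durations) / len(durations) if durations else 0.0


def critical_vs_noncritical_ratio(findings: List[Finding]) -> float:
    """Ratio of average days to close critical vs. non-critical findings."""
    crit = [f for f in findings if f.severity == "critical"]
    non = [f for f in findings if f.severity != "critical"]
    non_avg = avg_days_to_deploy(non)
    return avg_days_to_deploy(crit) / non_avg if non_avg else float("inf")


def sla_buckets(findings: List[Finding], as_of: date) -> Dict[str, int]:
    """Count findings completed within SLA, completed out of SLA (OOSLA),
    and still open past their deadline as of `as_of`."""
    within = out = overdue_open = 0
    for f in findings:
        if f.deployed is None:
            if as_of > f.sla_deadline:
                overdue_open += 1
        elif f.deployed <= f.sla_deadline:
            within += 1
        else:
            out += 1
    return {"within_sla": within, "out_of_sla": out, "overdue_open": overdue_open}


def pct_assets_with_exceptions(findings: List[Finding]) -> float:
    """% of distinct assets carrying at least one patching exception."""
    assets = {f.asset for f in findings}
    excepted = {f.asset for f in findings if f.exception}
    return 100.0 * len(excepted) / len(assets) if assets else 0.0


def prioritized_open(findings: List[Finding], as_of: date) -> List[str]:
    """Open findings in the order the page describes: publicly exposed assets
    first, then by severity, then by how far past the SLA deadline they are."""
    open_findings = [f for f in findings if f.deployed is None]
    open_findings.sort(key=lambda f: (not f.internet_facing,
                                      SEVERITY_RANK[f.severity],
                                      -(as_of - f.sla_deadline).days))
    return [f.asset for f in open_findings]


# Constructed sample register (asset names and dates are made up).
AS_OF = date(2024, 3, 1)
FINDINGS = [
    Finding("web-01", "critical", True, date(2024, 1, 10), date(2024, 1, 14)),
    Finding("web-02", "critical", True, date(2024, 1, 10), date(2024, 1, 22)),
    Finding("db-01", "high", False, date(2024, 1, 5), date(2024, 1, 25)),
    Finding("hr-app", "medium", False, date(2023, 11, 1), None, exception=True),
    Finding("vpn-01", "high", True, date(2024, 2, 20), None),
    Finding("lab-07", "low", False, date(2023, 12, 1), date(2024, 2, 1)),
]

if __name__ == "__main__":
    print("avg days to deploy:", avg_days_to_deploy(FINDINGS))
    print("critical/non-critical ratio:", round(critical_vs_noncritical_ratio(FINDINGS), 3))
    print("SLA buckets:", sla_buckets(FINDINGS, AS_OF))
    print("% assets with exceptions:", round(pct_assets_with_exceptions(FINDINGS), 1))
    print("open findings, prioritized:", prioritized_open(FINDINGS, AS_OF))
```

In the sample data `vpn-01` is not yet overdue while `hr-app` is a month past its deadline, yet `vpn-01` sorts first because it is internet-facing; that is the trade-off the introduction makes explicit, and the OOSLA and overdue-open counts are what surface the internal backlog so it is not silently ignored.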