Evaluation and Decision-Making System as Vulnerability Management Process in Information and Telecommunication Systems
Keywords:CVSS, risk management, ISMS, vulnerabilities, risks
This article proposes a system for risk assessment and management of software vulnerabilities. Such a system should function as part of the security policy of information security management systems.
RELIABILITY AND SAFETY ASSURANCE TECHNOLOGIES FOR COMPUTER AND INFORMATIONAL SYSTEMS