Scope
System Computing Services provides:
- Threat and vulnerability scanning in the client’s environment
- Creation and administration of accounts for vulnerability scanning systems
- Creation and distribution of reports
- Recommendations and guidance in remediating issues
- Guidance and support in identifying compensating controls
- Regular threat intelligence reports and notifications of critical vulnerabilities from reputable organizations such as federal, state, and local agencies; contracted vendors; and law enforcement
- Ad-hoc and post-remediation vulnerability scanning
- Support for incident response including engagement with 3rd party vendors
- Support institutions with internal and external audits
Client Responsibilities
- Patch and remediate critical and high severity threats and vulnerabilities identified by reporting
- Plan and implement compensating controls for systems that cannot be patched or updated
- Adhere to current industry standards for patch management, updates, and upgrades
- Respond to SCS requests for essential service information, including authorized points of contact
- Inform SCS of institutional changes, such as staffing or other events, that might impact NSHE IT Security
