ISO/IEC 30111:2019
ISO/IEC 30111 provides guidelines for the internal handling of reported potential vulnerabilities in products and online services. It covers the processes a vendor should follow from receiving a vulnerability report through remediation and advisory publication.
Domains
Clause 8: Post-Release Activities
Clause 7: Vendor Process Management
Clause 6: Vulnerability Handling Process
Clause 5: Vulnerability Handling Policy and Organization
Clause 1-4: Introduction
Frequently Asked Questions
What is ISO/IEC 30111:2019?
ISO/IEC 30111 provides guidelines for the internal handling of reported potential vulnerabilities in products and online services. It covers the processes a vendor should follow from receiving a vulnerability report through remediation and advisory publication.
How many controls does ISO/IEC 30111:2019 have?
ISO/IEC 30111:2019 contains 22 controls organized across 5 domains.
Where does ISO/IEC 30111:2019 apply?
ISO/IEC 30111:2019 is applicable internationally. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does ISO/IEC 30111:2019 map to?
ISO/IEC 30111:2019 has control-to-control mappings with 387 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with ISO/IEC 30111:2019 compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.