DoD Instruction 8531.01, DoD Vulnerability Management : Department of Defense , September 15 , 2020
From the document: "Purpose: In accordance with the authority in DoD Directive 5144.02, this issuance: • Establishes policy, assigns responsibilities, and provides procedures for DoD vulnerability management and response to vulnerabilities identified in all software, firmware, and hardware within the DoD information network (DODIN). • Establishes a uniform DoD Component-level cybersecurity vulnerability management program based on federal and DoD standards. • Establishes policy and assigns responsibilities for the DoD Vulnerability Disclosure Program (VDP). • Establishes policy, assigns responsibilities, and provides procedures for DoD’s participation in the Vulnerabilities Equities Process (VEP), in accordance with the Vulnerabilities Equities Policy and Process for the U.S. Government (USG)."
Authors - Chief Information Officer
Related Resources