2 posts tagged with "ra-5"

As part of our implementation of security control standard RA-5(11), Public Disclosure Program, today we implemented a consolidated public reporting system for vulnerabilities of Texas A&M system information resources. Information regarding the program and the vulnerability reporting form is available at https://cyber.tamus.edu/vuln-report/.

We have also released the first version of a TAMUS standardized security.txt, a file format to aid in security vulnerability disclosure specified by RFC 9116. This file is published at https://cyber.tamus.edu/.well-known/security.txt and is also available for members to use on their respective institution websites.

We released today a series of administrative changes to the security control standards. The majority of these changes moved TAMUS Implementation Statement language into organizationally-defined parameters (ODP) within each control, as well as implementing control standards that reflect existing system policy and assigning an impact baseline for all TAMUS-required controls.