KSI-PIY-RVDImplementation guide coming soonReviewing Vulnerability Disclosures
PIY — Policy and Inventory
NIST 800-53: ra-5.11
- Who this is for
- Cloud service providers
- Service class
- All service classes
- Implementation guidance
- Official source only
- Evidence automation
- Not published
Reviewed implementation guidance for KSI-PIY-RVD is not published yet. The official source below remains complete and authoritative.
Official FedRAMP source
Verbatim from FedRAMP/rules
The effectiveness of the provider's vulnerability disclosure program is persistently reviewed.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.