New Vulnerability Management Standard

The Office of Information Technology (OIT) has developed the Vulnerability Management Standard to provide guidance to departments that manage networked information systems and applications. This standard applies to all applications, whether it is an application which the department has built, inherited, or procured. It defines the responsibilities that come with managing these items in a consistent and secure manner.

Because this standard will apply to all departments at PSU, we are inviting the campus community to review the standard and provide feedback.

Feedback may be provided via email to: oit-vulnerabilitymanagement-group@pdx.edu

Why a Vulnerability Management Standard?

The university’s Vulnerability Management Standard outlines the minimum requirements for these practices across all PSU information technology systems and aligns with industry standards as well as regulatory standards of due care. This standard will provide a necessary framework for prioritizing, remediating, and mitigating vulnerabilities in a timely manner. This is one of many steps we are taking to ensure the security of your data as well as our university. 

What Does My Department Need To Do

Effective August 5, 2025, the Vulnerability Management Standard has been adopted and is now in effect. PSU department leadership is responsible for reviewing, understanding, and integrating this standard into their business processes

Application Administrators must monitor all networked information systems and applications under their purview for vulnerabilities, and remediate identified vulnerabilities as described in the standard.

Assistance with vulnerability monitoring is available from OIT and can be requested by sending an email to: oit-vulnerabilitymanagement-group@pdx.edu.