New Vulnerability Management Standard

The Office of Information Technology (OIT) has developed the Vulnerability Management Standard to provide guidance to departments that manage networked information systems and applications that they have built, inherited, or procured. It defines the responsibilities that come with managing these items in a consistent and secure manner.

Because this standard will apply to all departments at PSU, we are inviting the campus community to review the standard and provide feedback.

Feedback may be provided via email to: oit-vulnerabilitymanagement-group@pdx.edu

Why a Vulnerability Management Standard?

The university’s Vulnerability Management Standard outlines the minimum requirements for these practices across all PSU information technology systems. This standard will provide a necessary framework for prioritizing, remediating, and mitigating vulnerabilities in a timely manner. This is one of many steps we are taking to secure our university, with measures to follow in the near future. 

What Does My Department Need To Do

Effective August 5, 2025, the Vulnerability Management Standard is now in effect. PSU department leadership is responsible for reviewing, understanding, and integrating this standard into their administrators' workflows. 

Application Administrators must monitor all networked information systems and applications under their purview for vulnerabilities, and identified vulnerabilities must be remediated according to the schedule outlined in the standard.

Assistance with vulnerability monitoring is available from OIT and can be requested by sending an email to: oit-vulnerabilitymanagement-group@pdx.edu.