Body
All UMSN vulnerability reports will be documented in TDX using the following ticket hierarchy. The vulnerability report will be assigned to the vulnerability ticket type and each vulnerability will be assigned to either a high vulnerability or critical vulnerability ticket type, which will set the appropriate SLA response time based on DS-21. Affected servers will be associated with each vulnerability ticket as a TDX CI. For each vulnerability's remediation tasks, TDX ticket tasks will be created under each vulnerability.
Notifications will be sent to ITS as each vulnerability remediation is completed and when all of the remediation for the report are complete. UMSN IT will also notify ITS if additional time or assistance is required for any specific remediation task.
