Vulnerability Management Policy

Approved by the CIO - October 4, 2023


Vulnerability Management is a foundational component of the University of Guelph’s information security program which includes the identification, assessment and remediation of discovered IT security vulnerabilities. Responsibility for the on-going effort to reduce vulnerabilities on University-owned information technology assets is shared between service/system/application owners and CCS.


All devices owned by the University, devices connected to the University network, and devices that store University-owned data are in scope of this policy regardless of ownership. This includes personally-owned devices connected to the University network and third-party hosted services utilized by the University.


CCS Information Security offers the Vulnerability Management Service to assist with compliance with this policy.


View the full Vulnerabilty Management Policy (PDF)  PDF Logo

© 2005 - 2024 ProProfs