Minimize NCD security vulnerabilities.
All critical updates will be installed within 14 days of the release date on all Network Connected Devices (NCDs).
All NCDs attached to the State network will be kept current with critical updates.
This standard applies to all executive branch state agencies excluding the University Systems Office and other higher education institutions, i.e campuses and agricultural and research centers.
Non-compliance with this standard shall be reported to the Office of the State Auditor.
Noncompliance to this standard has been classified as high-risk i.e. having impact on the integrity of enterprise information systems. Violations to this standard will result in ITD operations taking immediate action to prevent enterprise risk prior to the reporting of non-compliance to the Office of the State Auditor.