Vulnerability Management Policy

Organisation

Organisation name *

Effective date *

Policy owner *

Remediation SLAs

Critical vulnerability SLA

High vulnerability SLA

Medium vulnerability SLA

Controls

Regular vulnerability scanning *

Defined patching cadence *

Annual penetration test *

Findings tracked to closure *

Approval and review

Review cycle *

Approved by *

Approval date *

Please fill all required fields to generate.

📋

Template verified May 2026 — checked against applicable central Acts and current state rules. Legal requirements can change; for property transactions above ₹5 lakh, employment disputes, or business agreements above ₹10 lakh, consider a lawyer's review before signing. Run Lekha Audit on any document you receive →

Attachments

Upload your company letterhead, logo, or supporting documents. These will be used in PDF generation and AI audit.

Click or drag files here

Letterhead (PNG/JPG), Logo, PDFs — max 5 MB each

Live preview

10 gaps remaining.

VULNERABILITY MANAGEMENT POLICY

Effective Date
Policy Owner

1. Purpose and scope

This policy applies across and is owned by .

2. Remediation timelines

Vulnerabilities are remediated within the following targets:

Severity	Remediation SLA
Critical
High
Medium

3. Controls

The organisation operates:

Control	In place
Regular vulnerability scanning	No
Defined patching cadence	No
Annual penetration test	No
Findings tracked to closure	No

4. Review and approval

Reviewed [cycle]; approved by on [date].

Approved by

Policy Owner