This International Standard gives guidelines for how to process and resolve potential vulnerability information in a product or online service.
This International Standard is applicable to vendors involved in handling vulnerabilities.
ISO/IEC 30111:2013 Referenced Document
ISO/IEC 27000 Information technology - Security techniques - Information security management systems - Overview and vocabulary [Standard in French]*, 2018-04-01 Update