The maintenance of IT security is a sustained process for which the corresponding tasks must be continually repeated. Each designated security measure must therefore be examined to determine whether it is sufficient to implement it once or whether implementation at regular intervals is required, such as regular antivirus software updates.
- Log all maintenance measures implemented.
- Observe the information in the 'IT security notices' chapter.
- Install security updates regularly.
- Run a risk analysis on the security properties of the applied software at regular intervals.
You will find information on a corresponding risk analysis here, for example: https://www.bsi.bund.de/EN/Topics/ITGrundschutz/Download/download_node.html