Table of Contents outline true
...
Products - Objects for tracking products being developed or already developed by an organization. Mapping controls to products in development can help to ensure that proper security protocols are put in place prior to the product’s release. Can also be set as an audit target by mapping relevant controls.
Projects - A service or product delivered to customers, closely related to Systems. It is a planned set of tasks to be executed over a fixed period. This object can be mapped to controls during the project lifecycle to ensure that required security controls are in place prior to go-live.
...
Vulnerabilities - A vulnerability as a weakness that can cause or contribute to a risk’s risk manifesting as, or be being exploited by a threat. It is a gap that increases the likelihood that something will happen. While a risk is theoretical, a vulnerability is real. Perhaps you’re easily distracted by your phone --a vulnerability--so you put it away while you drive: a control. Maybe you’re not a confident driver, so you take that driving class: a remediation.
...