83 2021 ESG Report Healthy workforce and communities Appendices Responsible supply chain Product impact Climate change Introduction Transparency Design Requirements Cybersecurity Requirements System Requirements H arde ning Sta ndards Software Requirements Se cure Coding Sta ndards Reg iona l and Market Cyberse curity Req uire ments Code Analysis Vulnerability Scanning User Complaints Identity Access Management Logging and Monitoring Incident Response Vulnerability and Patch Management Decommissioning Inventory Management Governance and Compliance Reporting Service Design Idea Planning Development Qualification Service Transition Launch Service Operation Complaint Handling Desig n Control Risk Management Penetration Testing Training and Awareness Management Plan Information Security Risk Assessment Information Security Cybersecurity White Paper Asset, Vulnerability and Patch Management In addition, the BD Cybersecurity Framework serves as a blueprint for managing cybersecurity risk across BD products, manufacturing operational technology and information technology. The framework has 33 high-level design requirements including identity and access management, platform hardening, application security, cloud security and patch management. It is aligned to multiple industry standards and work products including the International Organization for Standardization (ISO) 27001 standards, the Healthcare & Public Health Sector Coordinating Council’s (HSCC’s) Medical Device and Health IT Joint Security Plan, the National Institute of Standards and Technology (NIST) Cybersecurity Framework, Underwriters’ Laboratories’ ((UL’s) 2900 Standard for Software Cybersecurity for Network-Connectable Products and the standards of the International Society of Automation (ISA) 62443.