The US Cybersecurity and Infrastructure Security Agency (CISA) announced the release of a Stakeholder-Specific Vulnerability Categorization (SSVC) guide that can help organizations prioritize vulnerability patching using a decision tree model.
Source: cyware.com