So to reply to your question; yes this is the way to go, but your Network team or Application team will see all vulnerabilities of the host to which the are owner, unless you map vulnerability categories to a stack, but this solution is not scalable.