Respond to the following in a minimum of 250 words: A plan of action and milestones (POA&M) is a living, historical document that identifies tasks that need to be created to remediate security...


Respond to the following in a minimum of 250 words:



  • A plan of action and milestones (POA&M) is a living, historical document that identifies tasks that need to be created to remediate security vulnerabilities. The goal of a POA&M should be to reduce the risk of the vulnerability identified.



  • Describe some of the common challenges with developing and maintaining a POA&M from the standpoint of a CISO versus a CIO.




Nithin answered on Mar 17 2022
94 Votes
The POA&M is an important document in the security authorization package and monthly continuous monitoring activities. This document identifies the system’s known weaknesses in terms of security and describes the specific activities the CSP will take to correct them. In certain cases, the CSP’s work will be directly handled by the CISO. The ultimate goal and purpose of structuring and maintaining a POA&M is to track risk mitigation activities that are crucial to handle independently. Ultimately, the end goal of a POA&M should be to reduce the risk of...