2 KiB
| implementation-status | control-origination | |||||
|---|---|---|---|---|---|---|
|
|
ca-5 - [catalog] Plan of Action and Milestones
Control Statement
-
[a] Develop a plan of action and milestones for the system to document the planned remediation actions of the organization to correct weaknesses or deficiencies noted during the assessment of the controls and to reduce or eliminate known vulnerabilities in the system; and
-
[b] Update existing plan of action and milestones frequency based on the findings from control assessments, independent audits or reviews, and continuous monitoring activities.
Control guidance
Plans of action and milestones are useful for any type of organization to track planned remedial actions. Plans of action and milestones are required in authorization packages and subject to federal reporting requirements established by OMB.
Control assessment-objective
a plan of action and milestones for the system is developed to document the planned remediation actions of the organization to correct weaknesses or deficiencies noted during the assessment of the controls and to reduce or eliminate known vulnerabilities in the system; existing plan of action and milestones are updated frequency based on the findings from control assessments, independent audits or reviews, and continuous monitoring activities.
What is the solution and how is it implemented?
Implementation a.
Add control implementation description here for item ca-5_smt.a
Implementation b.
Add control implementation description here for item ca-5_smt.b