>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CA-5Plan Of Action And Milestones

PBMM (P3)
Secret (P3)
Management

>Control Description

(A) The organization develops a plan of action and milestones for the information system to document the organization’s planned remedial actions to correct weaknesses or deficiencies noted during the assessment of the security controls and to reduce or eliminate known vulnerabilities in the system; and (B) The organization updates existing plan of action and milestones organization-defined frequency based on the findings from security controls assessments, security impact analyses, and continuous monitoring activities.

>Supplemental Guidance

Plans of action and milestones are key sections of the operations security plan, which is are key documents in the security authorization packages and may be subject to organizational and GC reporting. Related controls: CA-2, CA-7, CM-4.

>Profile-Specific Parameters

(B) frequency [Authorizer-determined frequency]

Ask AI

Configure your API key to use AI features.