Navigate

CCI-000142

CCI-000142 Definition

Implement a process to ensure that plans of action and milestones for the information security program and the associated organizational systems are maintained.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000142.

Control	Description
PM-4	The organization: a: Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems: 1: Are developed and maintained; 2: Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and 3: Are reported in accordance with OMB FISMA reporting requirements. b: Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.

Control

Description

PM-4

The organization:

a: Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems:
- 1: Are developed and maintained;
- 2: Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and
- 3: Are reported in accordance with OMB FISMA reporting requirements.

b: Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.