CCI-000264

The organization develops a plan of action and milestones for the information system to document the organization^s planned remedial actions to correct weaknesses or deficiencies noted during the assessment of the security controls and to reduce or eliminate known vulnerabilities in the system.

Implementation Guidance

The organization being inspected/assessed will develop a security POA&M in accordance with DoDI 8510.01 Enclosure 6. POA&M templates are available on the Knowledge Service.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the security POA&M for compliance with DoDI 8510.01.

Compelling Evidence

1.) Signed and dated Security Plan of Action and Milestones document for compliance with DoDI 8510.01

The controls below (if any) were marked by NIST as being related to CCI-000264.