Navigate

CCI-002993

CCI-002993 Definition

Review plans of action and milestones for the security program and associated organization systems for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002993.

Control	Description
PM-4	The organization: a: Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems: 1: Are developed and maintained; 2: Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and 3: Are reported in accordance with OMB FISMA reporting requirements. b: Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.

Control

Description

PM-4

The organization:

a: Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems:
- 1: Are developed and maintained;
- 2: Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and
- 3: Are reported in accordance with OMB FISMA reporting requirements.

b: Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.