ConvoCourses

Convocourses Podcast: Plan of Action and Milestone (POAM content)



To download the POAM discussed in this podcast, go to convocourses.com

 

A Plan of Action and Milestones (POA&M) is a document that identifies tasks needing to be accomplished to remediate or mitigate risks to a system. It is a requirement under NIST 800-53, which is a guideline for federal agencies and contractors to follow when managing their information security programs. A NIST 800 POA&M, therefore, is a POA&M that is developed in compliance with NIST 800-53 standards.

The NIST 800 POA&M details the resources required to accomplish the elements of the plan, any milestones for meeting the tasks, and scheduled milestone completion dates [1]. The document is continuously updated as progress is made towards remediation, making it a living, dynamic document [2]. The POA&M is a critical tool for anyone responsible for tracking and reporting compliance issues or risks identified for a system [3].

NIST 800-53r5 recommends the use of security automation software to support the POA&M process. This software can help with tracking POA&M items and milestones, and integrate with ticketing systems for streamlined management of remediation activities [2].

 

 

 


ConvoCourses by Bruce Brown


