CA-5: Plan Of Action And Milestones
Generated
2019-04-12 13:01:48.067729
Status
Skipped
Statements
The organization:
| Code | Description |
|---|---|
| CA-5a. | Develops a plan of action and milestones for the information system to document the organization�s planned remedial actions to correct weaknesses or deficiencies noted during the assessment of the security controls and to reduce or eliminate known vulnerabilities in the system; and |
| CA-5b. | Updates existing plan of action and milestones [Assignment: organization-defined frequency] based on the findings from security controls assessments, security impact analyses, and continuous monitoring activities. |
Additional Guidance
Plans of action and milestones are key documents in security authorization packages and are subject to federal reporting requirements established by OMB.