Chapter 12

Plan of Action and Milestones

Information in this chapter:

• Regulatory Background

• Structure and Content of the Plan of Action and Milestones

• Weaknesses and Deficiencies

• Producing the Plan of Action and Milestones

• Maintaining and Monitoring the Plan of Action and Milestones

• Relevant Source Material

No system is perfectly secure, and even a system deemed to have adequate protective measures in place still presents some risk of being compromised in a way that results in loss or damage to the organization. Information security is also not static: the threats and vulnerabilities that might affect a system can and do change over time. For both of these reasons, system owners and organizational information security ...
