💼 PM-4 Plan of Action and Milestones Process
- ID:
/frameworks/nist-sp-800-53-r5/pm/04
Stats​
not available
Description​
a. Implement a process to ensure that plans of action and milestones for the information security, privacy, and supply chain risk management programs and associated organizational systems:
- Are developed and maintained;
- Document the remedial information security, privacy, and supply chain risk management actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and
- Are reported in accordance with established reporting requirements. b. Review plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
Similar​
- Internal
- ID:
dec-c-3b4c1405
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v2.0 → 💼 GV.OV-03: Organizational cybersecurity risk management performance is evaluated and reviewed for adjustments needed | no data | ||||
| 💼 NIST CSF v2.0 → 💼 ID.IM-03: Improvements are identified from execution of operational processes, procedures, and activities | 62 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|