>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CA-5Plan Of Action And Milestones

>Control Description

For a system-level plan of actions and milestones (POA&Ms), enterprises need to ensure that a separate POA&M exists for C-SCRM and includes both information systems and the supply chain. The C-SCRM POA&M should include tasks to be accomplished with a recommendation for completion before or after system authorization, the resources required to accomplish the tasks, milestones established to meet the tasks, and the scheduled completion dates for the milestones and tasks. The enterprise should include relevant weaknesses, the impact of weaknesses on information systems or the supply chain, any remediation to address weaknesses, and any continuous monitoring activities in its C-SCRM POA&M. The C-SCRM POA&M should be included as part of the authorization package.

>Cross-Framework Mappings

SCF

IAO-05
Compare

Ask AI

Configure your API key to use AI features.