home || catalog: SP800-53rev3 / class: Management / family: (PM) Program Management ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM

PM-01
PM-02
PM-03
PM-04 *
PM-05
PM-06
PM-07
PM-08
PM-09
PM-10
PM-11

PS
RA
SA
SC
SI
MMMMM

  PM-04: Plan of Action and Milestones Process  

base control objective:
The organization implements a process for ensuring that plans of action and milestones for the security program and the associated organizational information systems are maintained and document the remedial information security actions to mitigate risk to organizational operations and assets, individuals, other organizations, and the Nation.

supplemental objective information:
The plan of action and milestones is a key document in the information security program and is subject to federal reporting requirements established by OMB. The plan of action and milestones updates are based on the findings from security control assessments, security impact analyses, and continuous monitoring activities. OMB FISMA reporting guidance contains instructions regarding organizational plans of action and milestones.

enhancements to the base objective:

(1) None.

mapping to FIPS199 baseline:

  LOW: org     MOD: org     HIGH: org  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for PM-04:

None.

Document Date Status Title

Search SP800-53rev3 catalog: