Security Requirements for 03.11.04 Risk Response

This requirement addresses the need to determine an appropriate response to risk before generating a plan of action and milestones (POAM) entry. It may be possible to mitigate the risk immediately so that a POAM entry is not needed. However, a POAM entry is generated if the risk response is to mitigate the identified risk and the mitigation cannot be completed immediately.

View CPRT 03.11.04

  1. 03.11.04

    Respond to findings from security assessments, monitoring, and audits.