Plan Of Action And Milestones (POAM)

Plan Of Action And Milestones (POAM) definition in Computer Security terms:

Acronym(s): POAM

Definition(s): A document that identifies tasks needing to be accomplished. It details resources required to accomplish the elements of the plan, any milestones in meeting the tasks, and scheduled completion dates for the milestones.
Source(s): NIST SP 800-18 Rev. 1 (OMB Memorandum 02-01)
NIST SP 800-37 Rev. 1 (OMB Memorandum 02-01)
NIST SP 800-39 (OMB Memorandum 02-01)
NIST SP 800-53 Rev. 4 (OMB Memorandum 02-01)
CNSSI 4009-2015 (OMB Memorandum 02-01, NIST SP 800-37 Rev. 1)
NIST SP 800-30 (OMB Memorandum 02-01)
NIST SP 800-53A Rev. 4 (OMB Memorandum 02-01)

A document that identifies tasks needing to be accomplished. It details resources required to accomplish the elements of the plan, any milestones in meeting the tasks, and scheduled completion dates for the milestones. The purpose of this POAM is to assist agencies in identifying, assessing, prioritizing, and monitoring the progress of corrective efforts for security weaknesses found in programs and systems.
Source(s): NIST SP 800-64 Rev. 2 (OMB Memorandum 02-01)

Synonym(s): None

reference: CSRC Glossary