ABSTRACT

Guidance for Preparing and Submitting Security Plans of Action and Milestones   [open pdf - 145KB]

On June 22, 2001, a memorandum was issued on "Reporting Instructions for the Government Information Security Reform Act" (OMB M-01-24). In the memorandum, OMB asked each agency to submit, with its September budget request, a set of program reviews and evaluations of both unclassified and classified systems, along with an executive summary. In addition, OMB asked each agency to submit to OMB by October 31, 2001, (with brief quarterly updates thereafter) "a plan of action with milestones" to address all weaknesses identified by program reviews and evaluations. In response to the June 22nd memorandum, several agencies have asked OMB to issue more detailed guidance that further describes, and provides a standard format for, the information those agencies should include in their plans of action and milestones (POA&M). Working with representatives of agency program offices and Inspector General Offices, OMB has developed the attached POA&M guidance, which provides specific instructions and examples for the POA&Ms.

Publisher:
Date:
2001-10-17
Copyright:
Public Domain
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations