3.12.2 Develop & Implement Plans of Action

3.12.2 Develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems.

To go back to the NIST 800-171 Controls page, click here.

Guides

• FedRAMP Plan of Action and Milestones (POA&M) Template
• Centers for Medicare & Medicaid Services – Plan of Action and Milestones Process Guide
• Department of Homeland Security – Process Guide for Plan of Action and Milestones (POAM)

Example Tools

• https://www.cdse.edu/documents/cdse/CDSE_POAM_Final_Job_Aid.pdf 
  

Sample Policy & Procedures

• U.S. Department of Agriculture – Plan of Action and Milestones Policy

Additional Lessons Learned

• Department of Energy – Plan of Action and Milestones (POAM) Training Session

Videos

• YouTube – An Introduction to the Plan of Actions and Milestones (POAM)