STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← All Controls

PM-4

Program ManagementRev 5

Plan of Action and Milestones Process

CCI Identifiers (14)

CCI-000142Implement a process to ensure that plans of action and milestones for the information security program and the associated organizational systems are maintained.CCI-000170Implement a process to ensure that plans of action and milestones for the security program and associated organizational systems document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation.CCI-002991Implement a process to ensure that plans of action and milestones for the information security program and associated organizational systems are developed.CCI-002992The organization implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems are reported in accordance with OMB FISMA reporting requirements.CCI-002993Review plans of action and milestones for the security program and associated organization systems for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.CCI-004319Implement a process to ensure that plans of action and milestones for the privacy program and the associated organizational systems are maintained.CCI-004320Implement a process to ensure that plans of action and milestones for the privacy program and associated organizational systems are developed.CCI-004321Implement a process to ensure that plans of action and milestones for the supply chain risk management programs and the associated organizational systems are maintained.CCI-004322Implement a process to ensure that plans of action and milestones for the supply chain risk management programs and the associated organizational systems are developed.CCI-004323Implement a process to ensure that plans of action and milestones for the privacy program and associated organizational systems document the remedial information privacy actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation.CCI-004324Implement a process to ensure that plans of action and milestones for the supply chain risk management program and associated organizational systems document the remedial information supply chain risk management actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation.CCI-004325Implement a process to ensure that plans of action and milestones for the security program and associated organizational systems are reported in accordance with established reporting requirements.CCI-004326Implement a process to ensure that plans of action and milestones for the privacy program and associated organizational systems are reported in accordance with established reporting requirements.CCI-004327Implement a process to ensure that plans of action and milestones for the supply chain risk management program and associated organizational systems are reported in accordance with established reporting requirements.

Linked STIG Checks (0)

No STIG checks reference this control.