PM-4 Plan of Action and Milestones Processes
Initial Implementation: 10/1/2022
Last Review: 10/15/2025
Last Review: 10/15/2025
Statement
The University shall develop and update, a plan of action and milestone process for security information resources that document the University’s planned, implemented, and evaluated remedial actions to correct deficiencies noted during the assessment of the security controls to reduce or eliminate known vulnerabilities in the system.
Applicability
This Control applies to all West Texas A&M network information resources. The responsibility and authority for this control is shared between the CIO and the ISO.
Implementation
The CIO in corridination with the ISO shall implement a plan of action and milestones for the security program and associated WTAMU information resources that:
- Includes WTAMU’s planned, implemented, and evaluated remedial actions to correct deficiencies noted during the assessment of the security controls to reduce or eliminate known vulnerabilities in the system.
- Is reported in accordance with applicable OMB FISMA reportoing requirements.
- The plan shall be reviewed periodically for consistency and changes in organizational priorities.