Global Accelerated Learning • Est. 1999
Glossary Term Plan of Action and Milestones (POAM)

Training Camp • Cybersecurity Glossary

What is Plan of Action and Milestones (POAM)?

A POAM is a formal NIST and FedRAMP document tracking security weaknesses, remediation tasks, resources, and deadlines for closing control gaps.

Understanding Plan of Action and Milestones (POAM)

A Plan of Action and Milestones (POAM) is a formal document that identifies security weaknesses in a system, the remediation tasks to correct them, the resources required, and target completion dates. It is a core artifact in NIST and FedRAMP risk management and authorization processes, providing a tracked roadmap for closing control deficiencies. Authorizing officials review POAMs to make risk-based decisions about system operation.
