plan of action and milestones

by

Resource: POA&M Template

Your company recently reviewed the results of a penetration test on your network. Several vulnerabilities were identified, and the IT security management team has recommended mitigation. The manager has asked you to construct a Plan of Action and Milestones (POA&M) given that the following vulnerabilities and mitigations were identified:

  • The penetration test showed that not all systems had malware protection software in place. The mitigation was to write a malware defense process to include all employees and retest the system after the process was implemented.
  • The penetration test indicated that the data server that houses employee payroll records had an admin password of “admin.” The mitigation was to perform extensive hardening of the data server.
  • The penetration test also identified many laptop computers that employees brought to work and connected to the internal network some of which were easily compromised. The mitigation was to write a Bring Your Own Device (BYOD) policy for all employees and train the employees how to use their devices at work.

Complete the 1- to 2-page POA&M using the form provided.

Compile one file for the team.

Note: This POA&M will help you develop your individual assignment this week.

Cite all sources using APA guidelines.