poa amp m challenges

”A Plan of Action and Milestones (POA&M) is a living, historical document that identifies tasks that need to be created to remediate security vulnerabilities. The goal of a POA&M should be to reduce the risk of the vulnerability identified.

Describe some of the common challenges with developing and maintaining a POA&M from the standpoint of a CISO versus a CIO.”