3.11.4

Requirement

Respond to findings from security assessments, monitoring, and audits.

Discussion

This requirement addresses the need to determine an appropriate response to risk before generating a plan of action and milestones (POAM) entry. It may be possible to mitigate the risk immediately so that a POAM entry is not needed. However, a POAM entry is generated if the risk response is to mitigate the identified risk and the mitigation cannot be completed immediately.

NIST 800-171A r3 Assessment Guidance

Examine

[SELECT FROM: risk assessment policy; assessment reports; system audit records; event logs; system security plan; other relevant documents or records]
Interview

[SELECT FROM: processes for assessments and audits; mechanisms and tools supporting or implementing assessments and auditing]
Test

[SELECT FROM: personnel with assessment and auditing responsibilities; system administrators; personnel with security responsibilities]

ID	Assessment Objectives
A.03.11.04[01]	findings from security assessments are responded to.
A.03.11.04[02]	findings from security monitoring are responded to.
A.03.11.04[03]	findings from security audits are responded to.

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!