Security Weaknesses Are Not Timely Resolved and Effectively Managed

Consolidate the best business unit POA&M remediation practices and implement a consistent process agency-wide to adequately manage security risk remediation in accordance with Federal guidelines.

Prioritize staffing and other resource allocations to address both management and remediation of POA&Ms agency-wide and review progress on an ongoing basis.

Specifically consider POA&M estimated costs in budget formulation.

Collaborate with business unit representatives to ensure POA&M costs are updated at closure.