As part of assessing the security controls, initial remediation actions should be conducted to correct noncompliant security controls, based on the findings and recommendations of the Security Assessm

As part of assessing the security controls, initial remediation actions should be conducted to correct noncompliant security controls, based on the findings and recommendations of the Security Assessment Report (SAR). Remediated controls should then be reassessed, as appropriate. The specific actions taken are based on the findings and recommendations made by the Security Control Assessor (SCA) in the SAR and the tasks laid out in the Plan of Actions & Milestones (POA&M). Once remediation occurs, the SCA reassesses the affected controls.

Now, you have been tasked to brief your manager/CFO or CEO of your company about the assessment of the security controls you outlined in your Module 4 paper assignment.

The assignment consists of one deliverable in two parts:

Part I: Security Controls Assessment Paper

Create a two- to three-page paper, not including title and reference page,

Describe the results of your assessment.

Discuss any non-compliant security controls, based on the findings and recommendations to correct noncompliant security controls and any initial remediation actions and long term tasks laid out in the  POA&M.

There should be at least one non-compliant critical security control.

Your paper must be double-spaced and use a standard 12-point font and standard margins. At least two APA formatted in-text citations are required plus appropriate references must be listed. (Note: No wiki or blog references are allowed). Your document should be free of spelling and/or grammatical errors.

Part II: POA&M

Complete a POA&M that identifies the non-compliant security controls, remediation actions, and long term tasks that were discussed in the paper using this Plan of Action and Milestones (POA&M) Template Click for more options (also listed in the module’s reading).

To understand how your work will be assessed, view the  scoring rubric Click for more options .

Attach the POA&M to the end of the Security Controls Assessment Paper and submit both as one document by clicking on the assignment title.

Note: Working back and forth between the POA&M and the assessment paper will help provide the input needed for both of them.  You can refer back to this document once completed in the paper so as to reduce redundancy.