Public Sector Information Assurance: Streamlining Your POA&M Process – An OCEG Playbook Review

Feel like you are herding cats when trying to manage a vast number of information security vulnerability action plans and keep up with the many milestones that they establish? Actually, that is exactly like herding cats and its a tough job.

To help, OCEG and sponsor RSA have produced a new Playbook for government agencies and contractors, as well as those in the private sector, who face the challenges of keeping on top of defects and correcting them in budget and on time.

There are many challenges that arise from budget constraints, siloed operations across departments, redundant systems and ever changing requirements. The benefits of rising to these challenges, however, go beyond mere regulatory compliance. Organizations that establish a common base of process and use common technology to manage security get a broader view, enable faster sharing of information, and gain agility. The availability of tools that allow you to build an integrated approach to assessment and authorization of new information systems, continuous monitoring and overall risk management is a game changer that enhances the organization’s ability to achieve Principled Performance.

In this webinar, we will talk with experts in managing agency information security and address the following:

LEARNING OBJECTIVES:

Describe the key stages of Information Security from Assessment & Authorization, to Continuous Monitoring, and finally Plan of Action & Milestones Management (POA&M)Outline actions that should be taken to establish a standardized and integrated approach to POA&M managementUnderstand how to use the “plays” provided as tools in the OCEG PlaybookDefine what to look for in technology to support the POA&M and overall Information Security management process

PRESENTERS:
Chris Hoover, Principal Product Manager, RSA
Mita Majethia, Senior Sales Engineer, RSA