Skip to content

Latest commit

 

History

History
15 lines (9 loc) · 1.2 KB

README.md

File metadata and controls

15 lines (9 loc) · 1.2 KB

Overview

C-PAT™ is an API and web client currently being developed through Naval Surface Warfare Center Crane Division that aims to automate vulnerability documentation and tracking. C-PAT™ is, and will continue to be architected with emphasis towards interoperability with other RMF Tools. C-PAT™ is designed to integrate with STIG Manager and Tenable.sc [Assured Compliance Assessment Solution (ACAS) Nessus Scanner] to provide a more comprehensive solution for oversight throughout the RMF process.

What is a POAM?

NIST defines a POAM as "a document for a system that identifies tasks needing to be accomplished. It details resources required to accomplish the elements of the plan, any milestones in meetings the tasks, and scheduled completion dates for the milestones".

The POAM document is an output of the "Assess" step of the Risk Management Framework.

Sample