What is a POAM?


POAM stands for Plan of Actions and Milestones. The term can refer to either a POAM List or a POAM item. POAMs are used in Risk Management Frameworks (RMF) to monitor vulnerabilities that will not be remedied before the expected completion date.

POAM List – This refers to a group of POAM items, or vulnerabilities. Each System can have one or more POAM Lists. For example, a System may have a POAM List for regular vulnerabilities that are added to POAMs and a second POAM List for a penetration test.

POAM item – This refers to a single vulnerability or weakness. A POAM item can be associated with an unlimited number of Assets, but it always refers to a single vulnerability.

Ryskview’s POAM Management

In Ryskview, the term POAM refers to a POAM List while “Action” refers to a POAM item.
