POAMs (Plans of Actions and Milestones), are living documents, expanding when new assessments are performed and contracting as risks are remediated. Ryskview® addresses POAM management as a continuous daily operational activity, transforming it from a traditionally intermittent process. With Ryskview®, POAMs are assigned directly to the System Administrator or stakeholder responsible and entered into a workflow for review and closure. Ryskview® provides a simple, easy-to-use interface for adding unmediated vulnerabilities, configuration changes, or other assessment results into POAMs, tracking, and reporting on them.

POAMs can consist of vulnerabilities, configuration items, penetration testing results, or any other assessment results that need to be documented and monitored. All of these are inputs to cyber risk of the organization and need to be managed appropriately.

CIS Control 4: Secure Configuration of Enterprise Assets and Software

CIS Control 7: Continuous Vulnerability Management