The NIST RMF uses the output from the assessment phase to develop a list of vulnerabilities. This list of vulnerabilities and the proposed remediation plan are used to create a plan of action and milestones (POA&M) that reflects the priorities of the client in mitigating vulnerabilities identified.
Using the files provided, complete the Vulnerability Mitigation Plan Worksheet, including a physical asset control plan, and the Plan of Action and Milestones Worksheet. The plans should be no more than 1 page each.