PM-14: Testing, Training, and Monitoring

Information security program plan

privacy program plan

plans for conducting security and privacy testing, training, and monitoring activities

organizational procedures addressing the development and maintenance of plans for conducting security and privacy testing, training, and monitoring activities

risk management strategy

procedures for the review of plans for conducting security and privacy testing, training, and monitoring activities for consistency with risk management strategy and risk response priorities

results of risk assessments associated with conducting security and privacy testing, training, and monitoring activities

documentation of the timely execution of plans for conducting security and privacy testing, training, and monitoring activities

other relevant documents or records

Organizational personnel with responsibilities for developing and maintaining plans for conducting security and privacy testing, training, and monitoring activities

organizational personnel with information security and privacy responsibilities

Organizational processes for the development and maintenance of plans for conducting security and privacy testing, training, and monitoring activities

mechanisms supporting the development and maintenance of plans for conducting security and privacy testing, training, and monitoring activities