ISC2 Governance, Risk and Compliance (CGRC) Practice Question
An agency system recently received a three-year Authorization to Operate. To keep senior organizational officials informed of the system's ongoing compliance posture during continuous monitoring, which artifact should the security team routinely update and forward to them?
The system's Configuration Management Plan describing baseline control settings
An updated Plan of Action and Milestones showing remediation status
A current network boundary diagram for the information system
The original Security Assessment Report produced for the authorization decision
Senior officials need a concise view of outstanding weaknesses and the progress of corrective actions. The Plan of Action and Milestones (POA&M) is the RMF document designed for that purpose; it is kept current and distributed so executives can track mitigation status and residual risk. The original Security Assessment Report is a historical snapshot, not a living report. A Configuration Management Plan describes baseline processes but does not convey current compliance status. A boundary diagram is useful for architecture reviews, yet it does not communicate risk remediation progress.