| 2.3.12-19-1 Ensure that the Program Protection Risk Analysis process is comprehensive and complete |
Phase 0 |
Phase A |
Phase B |
Phase C |
Phase D1 |
Phase D2 |
Phase D3 |
|
Program Protection risks should be developed through an analysis of the threats and vulnerabilities to determine consequence and likelihood leading to a risk rating. Program Protection risks should be captured as formal risks in the program's risk management process. Failure to track and mitigate the risks according to the formal risk management process increases the likelihood that security vulnerabilities will not be mitigated or will need to be mitigated later, leading to increase costs and schedule or possibly to loss of CPI or CCs.
|
NA
|
NA
|
Program Protection Plan Content Rich Template, TOR-2013-00825
|