For this week's discussion you are asked to create a 3-5 paragraph "talking points" paper in which you discuss the (CA) family of security controls. You should identify and discuss at least three specific controls from this family. Focus on how these controls provide for implementation of assessment, authorization, and monitoring functions to protect the organization's information and information systems. CA-5, for example, calls for developing a specific plan of action and milestones to track security controls implementation. CA-2 requires that all security controls be assessed to determine if they are working as intended.
Your talking points will be incorporated into a budget presentation and, for that reason, should support (explain) the Office of Risk Management's planned activities in this area for the next fiscal year. Full paragraphs are preferred for a talking points paper, but you may use a limited number of bullet points. Remember to use and cite authoritative sources in your work. Place your list of references at the end of your paper.