The Program Manager shall have a high-level understanding of the assessed system, as well as the ability to describe organizational and system policies from an enterprise perspective, with which the system shall be in compliance. The Program Manager shall be familiar with; access controls (both physical and logical), contingency plans (i.e., alternate sites/storage, system restoration and reconstitution), user identification and authentication, system authorization to operate, incident response, resource planning, system and software acquisition, flaw remediation, and system interconnections and monitoring. During the assessment process, the Program Manager shall be available for interview and to provide documentation that falls under the Program Manager’s responsibility.
