Link Search Menu Expand Document
OpenRMF Professional Help

OpenRMF® Professional Mitigation Statements

The Mitigation Statements area allows Administrators to create and edit mitigation statements that can be used on POAM records. These mitigation statements when added to a POAM record appear in the Mitigation Statement area and can be added and removed as is. The owner or POAM editor of the system package can add any statement here to their list of available mitigation statements and apply/remove them to/from POAM records as needed.

The statement will show in the details of the record on the POAM page in OpenRMF® Professional as well as in the export to XLSX of the POAM.

OpenRMF Professional Mitigation Statements

Creating and Editing Mitigation Statements

To create a new mitigation you click the Create Mitigation button. You enter a category, a title, and then the actual mitigation statement text to be used on POAM record entries where applicable.

Add an OpenRMF Professional Mitigation Statement

Uploading Mitigation Statements

You also can upload a list of mitigation statements with the category, title, statement, and active status (TRUE / FALSE) to add or bulk edit mitigation statements for your system package. You can click the Upload button and select a proper CSV, XLSX, or JSON file. There is sample data linked and listed below. This allows quick loading of mitigation statements to use at your system package level.

This allows every single system package to add general mitigation statements into their particular system package.

Download a Sample XLSX as a starting point for uploading a spreadsheet or CSV file.

The JSON for the file upload or a JSON post with data in the body for the external API is shown below.

[
    {
        "mitigationCategory": "Infrastructure",
        "mitigationTitle": "Inherited from Platform",
        "mitigationStatement": "This is inherited from the platform we are using",
        "active": true
    },
    {
        "mitigationCategory": "Infrastructure",
        "mitigationTitle": "Inherited from Infrastructure Package",
        "mitigationStatement": "This is inherited from the infrastructure we are running on and its separate ATO",
        "active": true
    },
    {
        "mitigationCategory": "Firewall",
        "mitigationTitle": "Exception for Open Port",
        "mitigationStatement": "We have a documented exception for this port being open",
        "active": true
    }
]

Copyright © 2021 - 2025 Soteria Software LLC.
Do The Work. Automate the Paperwork!SM