Remediation Tracker

Drive risks to closure with assigned owners, due dates, and required evidence.

Not Started

3

In Progress

3

Blocked

3

Completed

3

Status

Priority

Task ID	Related Risk	Action	Priority	Owner	Due	Status	Evidence Needed	Actions
T-001	R-001	Enforce MFA via Okta for all SaaS apps and AWS root/admin accounts.	High	Priya Shah	2026-07-24		MFA enforcement policy screenshot
T-002	R-002	Implement quarterly access review process owned by IT with manager attestation.	Critical	Marcus Lee	2026-07-31		Quarterly access review report
T-003	R-003	Automate joiner/mover/leaver workflow between HRIS and Okta.	High	Elena Volkov	2026-08-07		Joiner/leaver SOP
T-004	R-004	Schedule semi-annual restore tests and document results.	High	Sam Okafor	2026-08-14		Backup restore test results
T-005	R-005	Draft IR plan; run a tabletop exercise quarterly.	High	Jordan Reyes	2026-08-21		Incident response plan & tabletop notes
T-006	R-006	Deploy KnowBe4 training with quarterly phishing simulations.	High	Priya Shah	2026-08-28		Training completion report
T-007	R-007	Establish vendor intake questionnaire and annual review cycle.	Critical	Marcus Lee	2026-09-04		Vendor assessment form
T-008	R-008	Deploy Tenable/Qualys with monthly scans and SLAs by severity.	High	Elena Volkov	2026-09-11		Vulnerability scan report
T-009	R-009	Centralize logs in SIEM (Datadog/Splunk) with detection rules.	Critical	Sam Okafor	2026-09-18		SIEM dashboard screenshot
T-010	R-010	Adopt SOC 2 policy pack; assign owners; review annually.	Medium	Jordan Reyes	2026-09-25		Approved policy set
T-011	R-011	Deploy Kandji + AWS Config aggregator; reconcile monthly.	High	Priya Shah	2026-10-02		Asset inventory export
T-012	R-012	Document BCP/DR with RTO/RPO; run annual failover test.	High	Marcus Lee	2026-10-09		BCP/DR plan