Course of Action
From Open Risk Manual
Definition
Course of Action. (CoA) An action or actions taken to either prevent or respond to a cyber incident. It may describe technical, automatable responses but can also describe other actions such as employee training or policy changes.
Reference
- Adapted from STIX