What does PO&A or was the person confuses and thought PO&M (Program Office and Management).
They may have been referring to a PO&AM, which is a Plan of Action and Milestones. A Plan of Action and Milestones (POA&M) is mandated by the Federal Information Systems Management Act of 2002 (FISMA) as a corrective action plan for tracking and planning the resolution of information security weaknesses.
The term has been used to describe any effort in an organization to identify, assess, prioritize, and monitor security deficiencies found in programs and systems, and to document progress in correcting those deficiencies. While originally used in information systems, the term is used to document the plan to correct deficiencies in any process. See the link below for more information, or ask the source for clarification.