Introduction to Continuous Monitoring

Continuous¹ monitoring (CM)² is an organizational-wide activity that supports risk management by enabling an organization to understand and maintain its information security and risk posture through the collection, analysis, monitoring, and reporting of security-related information. To be effective, CM needs to be driven by the organization’s management to ensure it is managed as a part of the enterprise-wide risk management activity. This ensures monitoring is considered outside the context of a single information ...