Chapter 14
Continuous Monitoring
Information in this chapter:
• The Role of Continuous Monitoring in Security Management
• Continuous Monitoring and the Risk Management Framework
• Developing a Continuous Monitoring Strategy
• Agency and System Level Perspectives on Continuous Monitoring
• Approaches, Tools, and Techniques for Continuous Monitoring
Information system security focuses on two fundamental activities: implementing and correctly configuring security controls to reduce risk to an acceptable level, and—recognizing that this first activity is difficult or impossible to do perfectly—testing and monitoring the system and its environment to understand whether the controls are providing the intended level of protection [1]. Once systems are ...
Get FISMA and the Risk Management Framework now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.