Chapter 7

Security Controls Monitoring

After an Authorization to Operate (ATO) is granted, ongoing continuous monitoring is performed on all identified security controls as well as the political, legal, and physical environment in which the system operates. Changes to the system or its operational environment are documented and analyzed. The security state of the system is reported to designated officials. Significant changes will cause the system to reenter the security authorization process. Otherwise, the system will continue to be monitored on an ongoing basis in accordance with the organization’s monitoring strategy.

Certified Authorization Professional (CAP®) Candidate Information Bulletin, November 2010

Topics

Continuous Monitoring

Get Official (ISC)2® Guide to the CAP® CBK®, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Official (ISC)2® Guide to the CAP® CBK®, 2nd Edition by Patrick D. Howard

Security Controls Monitoring

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly