Information Security Continuous Monitoring
Issued by
BAI Information Security
Earners of the Information Security Continuous Monitoring badge have an in-depth understanding of step 6 of the Risk Management Framework and have practiced the skills necessary to design and implement a robust continuous monitoring strategy to maintain their Authority to Operate for the duration of the authorization. Earners understand the ISCM process as outlined in NIST SP 800-37, as well as the technologies available to facilitate the continuous monitoring of their federal system.
- Type: Learning
- Level: Intermediate
- Time: Hours
- Cost: Paid
Skills
Earning Criteria
Standards
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations.
This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural disasters, and foreign intelligence entities.
The purpose of this guideline is to assist organizations in the development of a continuous monitoring strategy and the implementation of a continuous monitoring program providing visibility into organizational assets, awareness of threats and vulnerabilities, and visibility into the effectiveness of deployed security controls.
This publication describes an approach for the development of Information Security Continuous Monitoring (ISCM) program assessments that can be used to evaluate ISCM programs within federal, state, and local governmental organizations and commercial enterprises.