U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Continuous Monitoring of Information Security: An Essential Component of Risk Management

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. The guide helps organizations develop an ISCM strategy and implement an ISCM program that provides awareness of threats and vulnerabilities of information systems, and that facilitates the assessment of organizational assets and the effectiveness of security controls. The bulletin explains the importance of information system continuous monitoring in protecting information systems and information, the role of ISCM in the Risk Management Framework, the integration of ISCM in organizational risk assessment activities, and the details of the organizational ISCM process. References are provided to additional sources of information on ongoing monitoring of information systems and on the Risk Management Framework.
Citation
ITL Bulletin -
NIST Pub Series
ITL Bulletin
Pub Type
NIST Pubs

Download Paper

Local Download

Keywords

cyber security, Federal Information Security Management Act, information security, information system continuous monitoring, information system life cycle, information technology, risk assessment, Risk Management Framework, security controls, security impact assessments, security plans, security requirements, security risks, threats to systems, vulnerabilities
Information technology and Cybersecurity

Citation

Radack, S. (2011), Continuous Monitoring of Information Security: An Essential Component of Risk Management, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=909992 (Accessed April 20, 2024)

Created October 25, 2011, Updated January 27, 2020