Skip to main content

πŸ’Ό CA-7 CONTINUOUS MONITORING

Description​

The organization develops a continuous monitoring strategy and implements a continuous monitoring program that includes: CA-7a. Establishment of [Assignment: organization-defined metrics] to be monitored; CA-7b. Establishment of [Assignment: organization-defined frequencies] for monitoring and [Assignment: organization-defined frequencies] for assessments supporting such monitoring; CA-7c. Ongoing security control assessments in accordance with the organizational continuous monitoring strategy; CA-7d. Ongoing security status monitoring of organization-defined metrics in accordance with the organizational continuous monitoring strategy; CA-7e. Correlation and analysis of security-related information generated by assessments and monitoring; CA-7f. Response actions to address results of the analysis of security-related information; and CA-7g. Reporting the security status of organization and the information system to [Assignment: organization-defined personnel or roles] [Assignment: organization-defined frequency].

Similar​

  • Internal
    • ID: dec-c-a326185e

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.AE-2: Detected events are analyzed to understand attack targets and methods1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.AE-3: Event data are collected and correlated from multiple sources and sensors1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.CM-1: The network is monitored to detect potential cybersecurity events1928
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.CM-2: The physical environment is monitored to detect potential cybersecurity events
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events2124
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events77
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed1923
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.DP-1: Roles and responsibilities for detection are well defined to ensure accountability
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.DP-2: Detection activities comply with all applicable requirements77
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.DP-3: Detection processes are tested1414
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.DP-4: Event detection information is communicated3033
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.DP-5: Detection processes are continuously improved1416
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.RA-1: Asset vulnerabilities are identified and documented1415
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.IP-7: Protection processes are improved2
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.IP-8: Effectiveness of protection technologies is shared77
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.AN-1: Notifications from detection systems are investigated1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.CO-3: Information is shared consistent with response plans1617
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.MI-3: Newly identified vulnerabilities are mitigated or documented as accepted risks77

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CA-7 (1) INDEPENDENT ASSESSMENT
πŸ’Ό CA-7 (2) TYPES OF ASSESSMENTS
πŸ’Ό CA-7 (3) TREND ANALYSES