The course explores new/updated guidance, policy and procedures for implementing a well-developed and thorough approach for building a continuous monitoring program IAW SP 800-137, 800-39, 800-55, 800-128, 800-37 (Rev. 1), 800-53 (Rev. 4 [soon Rev. 5]) and 800-53A.
This in-depth course builds on the principles of the NIST Risk Management Framework (Step 6) and supporting NIST guidance (Risk Management, Performance Measurements, Security Control Catalogue, Security Control Assessment Procedures, Configuration Management, System Development Life Cycle, etc.). It familiarizes students with the new continuous monitoring guidance relating to understanding the process, identifying procedures, developing an organizational strategy and ultimately, incorporating a continuous monitoring program into the organizational mission/business functions.