Information System Continuous Monitoring Q2

(ISCM)/ Ongoing Authorization (OA)

  • Risk Management Framework (RMF)
    • Categorization
    • Control Selection
    • Implementation
    • Assessment
    • Authorization: OA happens here, and it is affected by the ISCM strategy defined under Phase six of the RMF (Continuous Monitoring)
  • Continuous Monitoring
    • FISMA is guided by OMB Circular A-130
  • FISMA guidance on OA is stated in OMB Circular 14-04
  • OA is fundamentally related to the ongoing understanding and ongoing acceptance of information security risk

http://csrc.nist.gov/publications/nistpubs/800-37-rev1/nist_oa_guidance.pdf
