Continuous Monitoring Phase involves the following steps:
Information System Environment Changes (Monitor changes and maintain an accurate system inventory; use an asset management tool. This step is handled by the System Owner and ISSO)
Ongoing Security Control Assessments (Assess one third of the NIST controls annually, scan the system for weaknesses, and implement vulnerability and patch management tools. This step is handled by the System Owner, ISSO and C&A analyst)
Ongoing Remediation Actions (Take steps to remediate POAM items. This step is handled by the System Owner, ISSO and C&A analyst)
Key Updates (Update the SSP, POAM and SAR. This step is handled by the System Owner, ISSO and C&A analyst)
Security Status Reporting (Submit the SSP, SAR and POAM to the AO for review and direction. This step is handled by the System Owner and ISSO)
Ongoing Risk Determination and Acceptance (The AO reviews the SSP, SAR and POAM and gives direction to the ISSO and System Owner. This step is handled by the AO. The AO issues the annual assessment letter)
Information System Removal and Decommissioning (Follow the policy and procedures for decommissioning a system. Update the system inventory and the organization inventory accordingly. This step is handled by the System Owner and ISSO)
NIST Publications
SP 800-137
SP 800-53
SP 800-53A
Key Documents
System Security Plan (SSP)
Plan of Action and Milestones (POAM)
Security Assessment Report (SAR)
Annual Assessment Letter