U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Publications

NISTIR 8212

ISCMA: An Information Security Continuous Monitoring Program Assessment

Date Published: March 2021

Planning Note (3/31/2021):

The ISCMAx tool available under Supplemental Material is a macro-enabled Microsoft Excel application that runs on Windows-based systems only. ISCMAx is not intended to be a production-level product.


Author(s)

Kelley Dempsey (NIST), Victoria Pillitteri (NIST), Chad Baer (DHS), Ron Rudman (MITRE), Robert Niemeyer (MITRE), Susan Urban (MITRE)

Abstract

Keywords

assessment; continuous monitoring; information security continuous monitoring; information security continuous monitoring assessment; ISCM; ISCMA; ISCMAx
Control Families

None selected

Documentation

Publication:
NISTIR 8212 (DOI)
Local Download

Supplemental Material:
ISCMAx: Recommended Judgments (xls)
ISCMAx: Alternate Judgments (xls)

Related NIST Publications:
SP 800-137A

Document History:
10/01/20: NISTIR 8212 (Draft)
03/31/21: NISTIR 8212 (Final)