Date Published: March 2021
Planning Note (03/31/2021):
The ISCMAx tool available under Supplemental Material is a macro-enabled Microsoft Excel application that runs on Windows-based systems only. ISCMAx is not intended to be a production-level product.
Author(s)
Kelley Dempsey (NIST), Victoria Pillitteri (NIST), Chad Baer (DHS), Ron Rudman (MITRE), Robert Niemeyer (MITRE), Susan Urban (MITRE)
This publication describes an example methodology for assessing an organization’s Information Security Continuous Monitoring (ISCM) program. It was developed directly from NIST guidance and is applicable to any organization, public or private. It can be used as documented or as the starting point for a different methodology. Included with the methodology is a reference implementation that is directly usable for conducting an ISCM assessment.
This publication describes an example methodology for assessing an organization’s Information Security Continuous Monitoring (ISCM) program. It was developed directly from NIST guidance and is applicable to any organization, public or private. It can be used as documented or as the starting point...
See full abstract
This publication describes an example methodology for assessing an organization’s Information Security Continuous Monitoring (ISCM) program. It was developed directly from NIST guidance and is applicable to any organization, public or private. It can be used as documented or as the starting point for a different methodology. Included with the methodology is a reference implementation that is directly usable for conducting an ISCM assessment.
Hide full abstract
Keywords
assessment; continuous monitoring; information security continuous monitoring; information security continuous monitoring assessment; ISCM; ISCMA; ISCMAx
Control Families
None selected
