X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 98 / 158

445 views

0 shares

0 downloads

0 comments

98 / 158

U.S. Department of Health and Human Services

FISMA requires periodic and continuous testing and evaluation of the security controls in an information system to ensure that the controls remain effective in their application. Security control monitoring (i.e. verifying the continued effectiveness of those controls over time) and reporting are essential activities within an information security program. The ongoing monitoring of security controls can be accomplished by one or a combination of the following:

Security review;

Security testing; and

Evaluation or audit.

Refer to NIST SP 800-53 Rev. 3 for security control assessment procedures.

Page 11 of 12

Operations and Maintenance Phase

Continuous Monitoring

Document info
Document views445
Page views445
Page last viewedFri Dec 09 11:40:34 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments