Continuous Monitoring Phase

From FISMApedia
Jump to: navigation, search

The Continuous Monitoring Phase consists of three tasks: (i) configuration management and control; (ii) security control monitoring; and (iii) status reporting and documentation. The purpose of this phase is to provide oversight and monitoring of the security controls in the information system on an ongoing basis and to inform the Authorizing Official when changes occur that may impact on the security of the system. The activities in this phase are performed continuously throughout the life cycle of the information system.