U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

NISTIR 7799 (Draft)

Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications

Date Published: January 2012
Comments Due: February 17, 2012 (public comment period is CLOSED)
Email Questions to: fe-comments@nist.gov

Author(s)

Peter Mell (NIST), David Waltermire (NIST), Adam Halbardier (BAH), Larry Feldman (BAH)

Announcement

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7799, Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications. This publication provides the technical specifications for the continuous monitoring (CM) reference model presented in NIST IR 7756. These specifications enable multi-instance CM implementations, hierarchical tiers, multi-instance dynamic querying, sensor tasking, propagation of policy, policy monitoring, and policy compliance reporting. A major focus of the specifications is on workflows that describe the coordinated operation of all subsystems and components within the model. Another focus is on subsystem specifications that enable each subsystem to play its role within the workflows. The final focus is on interface specifications that supply communication paths between subsystems. These three sets of specifications (workflows, subsystems, and interfaces) are written to be data domain agnostic, which means that they can be used for CM regardless of the data domain that is being monitored.

Abstract

Keywords

continuous monitoring
Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Incident Response; Maintenance; Risk Assessment; System and Communications Protection

Documentation

Publication:
Draft NISTIR 7799

Supplemental Material:
None available

Related NIST Publications:
NISTIR 7756 (Draft)
NISTIR 7800 (Draft)
SP 800-137
ITL Bulletin

Document History:
01/06/12: NISTIR 7799 (Draft)