U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-137A

Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment

Date Published: May 2020

Planning Note (03/31/2021):

NISTIR 8212, An Information Security Continuous Monitoring Program Assessment, provides an operational approach to the assessment of an organization’s ISCM program using ISCMAxa free, publicly available working implementation of the ISCM program assessment described in NIST SP 800-137A.


Author(s)

Kelley Dempsey (NIST), Victoria Pillitteri (NIST), Chad Baer (CISA), Robert Niemeyer (MITRE), Ron Rudman (MITRE), Susan Urban (MITRE)

Abstract

Keywords

assessment; assessment element; assessment methodology; assessment procedure; continuous monitoring; information security continuous monitoring; ISCM program; ISCM program assessment
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-137A
Download URL

Supplemental Material:
Element Catalog for SP 800-137A (xlsx)

Other Parts of this Publication:
SP 800-137

Related NIST Publications:
IR 8212

Document History:
01/13/20: SP 800-137A (Draft)
05/21/20: SP 800-137A (Final)