CIS608 – RMF Step 6: Monitor Ranking Risk

Review NIST SP800-137 and use it to draft an Information Security Continuous Monitoring (ISCM) plan. Include the following in your paper as a minimum:

Explain how you will:

Maintain situational awareness of all systems across the organization and an understanding of threats and threat activities
Assess all security controls; collecting, correlating, and analyzing security-related information
Provide actionable communication of security status across all tiers of the organization

By incorporating:

At least two of the eleven security automation domains that support continuous monitoring
A plan for aggregation or analysis
At least one automation tool

Submission Requirements:

Format: Microsoft Word
Font: Arial, 12-Point, Double- Space
Citation Style: APA
Length: 2 Pages