5. “Continuous Monitoring for ______ (your chosen information system security domain in your chosen organization/industry): Challenges and Solutions”
The following example demonstrates how to apply continous monitoring technical reference model to a particular risk management domain. Please read the following artilce and identify a few key lessons learned from it in relation to what principles and methods you have learned in the case assignment.
NIST (2015). Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains.
Practicing continous monitoring foundamentals, processes, etc. to one’s own experiences offers an opportunity to apply what you’ve learned to the real world. Can you choose a particular information system security domain of your organization or industry and apply what you learned from the case readings and SLP examples? You can choose to assess comprehensively, or you can choose not to cover all the aspects of continous monitoring but focus on two or three major perspectives and go much more in depth. You can choose the same security domain in the previous SLP assignment in this course, or start with a new one.