• Classroom
  • Online, Instructor-Led
Course Description

ISCM was developed by the US National Institute of Standards and Technology (NIST). NIST provides detailed guidance on implementing a risk management framework. It also provides a detailed and broad control set for federal agencies to adopt, though any organization can adopt the controls as standards. There are lessons to be learned and technology improvements that can be implemented in any industry, such as finance, utilities, health care, and more. A combination of the risk management framework, control set and the continuous monitoring implementation guidance can be used to set up acceptable continuous monitoring plan. In this course students explore new guidance, policy and procedures for implementing a well-developed and thorough strategy for building a continuous monitoring program IAW SP 800-137, 800-39, 800-55, 800-128, 800-37 (Rev. 1), and 800-53 (Rev. 4). Topics include roles and responsibilities, establishment and implementation of the ISCM strategy, analysis and reporting of findings, and program review in accordance with NIST Special Publication (SP) 800-137. Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation.

Learning Objectives

  • Explore new guidance, policy and procedures for implementing a well-developed and thorough strategy for building a continuous monitoring program
  • Gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation.

Framework Connections