The following example demonstrates how to apply the continuous monitoring technical reference model to a risk management domain. Please read the following article and identify a few key lessons learned from it in relation to what principles and methods you have learned in the Case Assignment.
NIST (2018). The Technical Specification for the Security Content Automation Protocol (SCAP)
Practicing continuous monitoring fundamentals, processes, etc., to one’s own experiences offers an opportunity to apply what you’ve learned to the real world. Select an information system security domain of your organization or industry and apply what you learned from the case readings and SLP examples. You can choose to assess comprehensively, or you can focus on two or three major perspectives and go much more in depth. You can choose the same security domain in the previous SLP assignment in this course or start with a new one.
SLP Assignment Expectations
Write a 2- to 5-page paper titled:
“Continuous Monitoring for ______ (your chosen information system security domain in your chosen organization/industry): Challenges and Solutions”
Address the following issues:
- Special requirements of continuous monitoring in your chosen information system security domain in your chosen organization/industry if there are any.
- Two perspectives of continuous monitoring that you select for an in-depth discussion.
- One or two major lessons learned from the example that you will apply in your own continuous monitoring issue here.
- Key challenges and solutions of continuous monitoring.
