CCI-002088
CCI-002088 Definition
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if: - system-level continuous monitoring includes established [CA-07_ODP[02]; frequencies at which to monitor control effectiveness are defined] for monitoring. - system-level continuous monitoring includes established [CA-07_ODP[03]; frequencies at which to assess control effectiveness are defined] for assessment of control effectiveness.
Validation Procedures
Examine: [SELECT FROM: Assessment, authorization, and monitoring policy; organizational continuous monitoring strategy; system-level continuous monitoring strategy; procedures addressing continuous monitoring of system controls; procedures addressing configuration management; control assessment report; plan of action and milestones; system monitoring records; configuration management records; impact analyses; status reports; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with continuous monitoring responsibilities; organizational personnel with information security and privacy responsibilities; system/network administrators]. Test: [SELECT FROM: Mechanisms implementing continuous monitoring; mechanisms supporting response actions to address assessment and monitoring results; mechanisms supporting security and privacy status reporting].