Require the developer of the system, system component, or system service to produce a plan for continuous monitoring of control effectiveness that is consistent with the continuous monitoring program of the organization.
ID | Name | Description | D3FEND |
ID | Description |
Requirement | Rationale/Additional Guidance/Notes |
---|---|
The [organization] shall produce a plan for the continuous monitoring of security control effectiveness.{SA-4(8),CP-4(5),PM-31} |
ID | Name | Description |
---|