CA-7(4) - Continuous Monitoring | Risk Monitoring

Ensure risk monitoring is an integral part of the continuous monitoring strategy that includes the following: (a) Effectiveness monitoring; (b) Compliance monitoring; and (c) Change monitoring.


Informational References

ISO 27001

ID: CA-7(4)
Enhancement of: CA-7

Countermeasures Covered by Control

ID Name Description D3FEND

Space Threats Tagged by Control

ID Description

Sample Requirements

Requirement Rationale/Additional Guidance/Notes
The [organization] shall monitor, as part of the continuous monitoring strategy, the following: implementation of risk response measures; effectiveness of the risk response implementation; configuration changes that may impact security. {CA-7(4)}

Related SPARTA Techniques and Sub-Techniques

ID Name Description