Latest revision as of 00:24, 20 January 2026

Ongoing assessment and authorization

Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Note: The terms “continuous” and “ongoing” in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information. See organizational information security continuous monitoring and automated security monitoring.

Source: CNSSI 4009-2015 | Category:

Revision as of 01:42, 15 January 2026 view source imported>Unknown user No edit summary ← Older edit	Latest revision as of 00:24, 20 January 2026 view source imported>Unknown user No edit summary
(One intermediate revision by the same user not shown)
(No difference)