Revision as of 02:53, 15 January 2026

Ongoing assessment and authorization

Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Note: The terms “continuous” and “ongoing” in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information. See organizational information security continuous monitoring and automated security monitoring.

Source: CNSSI 4009-2015 | Category:

Revision as of 01:42, 15 January 2026 view source imported>Unknown user No edit summary ← Older edit		Revision as of 02:53, 15 January 2026 view source imported>Unknown user No edit summary Newer edit →
(No difference)