Ongoing assessment and authorization: Difference between revisions
imported>Unknown user No edit summary |
imported>Unknown user No edit summary |
||
| Line 1: | Line 1: | ||
{{LanguageHeader|en}} | {{LanguageHeader|en}} | ||
{{CyberTerm|definition=Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Note: The terms “continuous” and “ongoing” in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information. See organizational information security continuous monitoring and automated security monitoring.|source=CNSSI 4009-2015}} | {{CyberTerm|definition=Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. | ||
Note: The terms “continuous” and “ongoing” in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information. | |||
See organizational information security continuous monitoring and automated security monitoring.|source=CNSSI 4009-2015}} | |||
Revision as of 01:42, 15 January 2026
Ongoing assessment and authorization
Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Note: The terms “continuous” and “ongoing” in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information. See organizational information security continuous monitoring and automated security monitoring.
Source: CNSSI 4009-2015 | Category: