Information Security Continuous Monitoring

Information Security Continuous Monitoring

ISCM Fundamentals is a one-day supplemental training program that focuses on Information Security Continuous Monitoring, a cornerstone of the Risk Management Framework (RMF). Topics include:

• ISCM Roles and Responsibilities

• ISCM Process

• NIST SP 800-137

  • Step 1 - Define Strategy

  • Step 2 – Establish ISCM Program

  • Step 3 – Implement

  • Step 4 – Analyze and Report

  • Step 5 – Respond to Findings

  • Step 6 – Review and Update ISCM Technologies

• ISCM Challenges & Pitfalls

Practical Guidance on ISCM automation and support tools are provided.  Student exercises, collaboration, and case studies are used to reinforce the concepts taught in the class. The course content of Information Security Continuous Monitoring (ISCM) is geared to meet the needs of a diverse audience covering the spectrum of management, operational and technical roles. Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation.