{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CA-7: Continuous Monitoring. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.", "Keywords": [ "800-53", "Authorization", "Continuous Monitoring", "High", "Low", "Moderate", "NIST", "P2", "Security", "Security Assessment" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 Security Control CA-7: Continuous Monitoring", "TrustExpression": "TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ca-7_-continuous-monitoring/4/", "Version": "4", "References": {"TrustmarkDefinitionRequirements": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/ongoing-security-control-assessments/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for ongoing security control assessments as related to overall certification accreditation and security assessments requirements.", "Number": 1, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/ongoing-security-control-assessments/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for ongoing security control assessments as related to overall certification accreditation and security assessments requirements.", "Number": 1, "Version": "1.0", "Name": "Ongoing Security Control Assessments" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Ongoing Security Control Assessments", "$id": "TD_ref1" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-security-status-monitoring/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous security status monitoring as related to overall certification accreditation and security assessments requirements.", "Number": 2, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-security-status-monitoring/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous security status monitoring as related to overall certification accreditation and security assessments requirements.", "Number": 2, "Version": "1.0", "Name": "Continuous Security Status Monitoring" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Continuous Security Status Monitoring", "$id": "TD_ref2" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-monitoring-metrics/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring metrics as related to overall certification accreditation and security assessments requirements.", "Number": 3, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-monitoring-metrics/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring metrics as related to overall certification accreditation and security assessments requirements.", "Number": 3, "Version": "1.0", "Name": "Continuous Monitoring Metrics" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Continuous Monitoring Metrics", "$id": "TD_ref3" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-monitoring-reporting/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring - reporting as related to overall certification accreditation and security assessments requirements.", "Number": 4, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-monitoring-reporting/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring - reporting as related to overall certification accreditation and security assessments requirements.", "Number": 4, "Version": "1.0", "Name": "Continuous Monitoring - Reporting" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Continuous Monitoring - Reporting", "$id": "TD_ref4" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-monitoring-response-actions/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring response actions as related to overall certification accreditation and security assessments requirements.", "Number": 5, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/continuous-monitoring-response-actions/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for continuous monitoring response actions as related to overall certification accreditation and security assessments requirements.", "Number": 5, "Version": "1.0", "Name": "Continuous Monitoring Response Actions" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Continuous Monitoring Response Actions", "$id": "TD_ref5" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/defined-frequency-for-monitoring-supporting-assessments/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for defined frequency for monitoring supporting assessments as related to overall certification accreditation and security assessments requirements.", "Number": 6, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/defined-frequency-for-monitoring-supporting-assessments/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for defined frequency for monitoring supporting assessments as related to overall certification accreditation and security assessments requirements.", "Number": 6, "Version": "1.0", "Name": "Defined Frequency for Monitoring Supporting Assessments" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Defined Frequency for Monitoring Supporting Assessments", "$id": "TD_ref6" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/correlation-and-analysis-of-monitoring-and-assessment-information/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for correlation and analysis of monitoring and assessment information as related to overall certification accreditation and security assessments requirements.", "Number": 7, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/correlation-and-analysis-of-monitoring-and-assessment-information/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for correlation and analysis of monitoring and assessment information as related to overall certification accreditation and security assessments requirements.", "Number": 7, "Version": "1.0", "Name": "Correlation and Analysis of Monitoring and Assessment Information" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Correlation and Analysis of Monitoring and Assessment Information", "$id": "TD_ref7" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/defined-frequency-for-continuous-monitoring/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for defined frequency for continuous monitoring as related to overall certification accreditation and security assessments requirements.", "Number": 8, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/defined-frequency-for-continuous-monitoring/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for defined frequency for continuous monitoring as related to overall certification accreditation and security assessments requirements.", "Number": 8, "Version": "1.0", "Name": "Defined Frequency for Continuous Monitoring" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Defined Frequency for Continuous Monitoring", "$id": "TD_ref8" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }