{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control PM-14: Testing, Training, and Monitoring.", "Keywords": [ "800-53", "Monitoring", "NIST", "Program Management", "Security", "Testing", "Training" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 Security Control PM-14: Testing, Training, and Monitoring", "TrustExpression": "TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8 and TD_ref9 and TD_ref10 and TD_ref11 and TD_ref12 and TD_ref13 and TD_ref14 and TD_ref15", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-pm-14_-testing_-training_-and-monitoring/4/", "Version": "4", "References": {"TrustmarkDefinitionRequirements": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-maintenance-of-security-monitoring-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational information systems are maintained.", "Number": 1, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-maintenance-of-security-monitoring-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational information systems are maintained.", "Number": 1, "Version": "1.0", "Name": "Process Ensuring Maintenance of Security Monitoring Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Maintenance of Security Monitoring Plans", "$id": "TD_ref1" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-monitoring-plans-reviewed---organiational-risk-management-strategy/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security monitoring plans for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.", "Number": 2, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-monitoring-plans-reviewed---organiational-risk-management-strategy/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security monitoring plans for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.", "Number": 2, "Version": "1.0", "Name": "Testing, Training, and Monitoring - Security Monitoring Plans Reviewed - Organiational Risk Management Strategy" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Testing, Training, and Monitoring - Security Monitoring Plans Reviewed - Organiational Risk Management Strategy", "$id": "TD_ref2" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-timely-execution-of-security-training-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security training associated with organizational information systems continue to be executed in a timely manner.", "Number": 3, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-timely-execution-of-security-training-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security training associated with organizational information systems continue to be executed in a timely manner.", "Number": 3, "Version": "1.0", "Name": "Process Ensuring Timely Execution of Security Training Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Timely Execution of Security Training Plans", "$id": "TD_ref3" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-maintenance-of-security-testing-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security testing associated with organizational information systems are maintained.", "Number": 4, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-maintenance-of-security-testing-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security testing associated with organizational information systems are maintained.", "Number": 4, "Version": "1.0", "Name": "Process Ensuring Maintenance of Security Testing Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Maintenance of Security Testing Plans", "$id": "TD_ref4" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-training-plans-reviewed---organizational-risk-management-strategy/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews secuirty training plans for consistency with the organizational risk management strategy.", "Number": 5, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-training-plans-reviewed---organizational-risk-management-strategy/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews secuirty training plans for consistency with the organizational risk management strategy.", "Number": 5, "Version": "1.0", "Name": "Testing, Training, and Monitoring - Security Training Plans Reviewed - Organizational Risk Management Strategy" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Testing, Training, and Monitoring - Security Training Plans Reviewed - Organizational Risk Management Strategy", "$id": "TD_ref5" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-development-of-security-training-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implement a process for ensuring that organizational plans for conducting security training associated with organizational information systems are developed.", "Number": 6, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-development-of-security-training-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implement a process for ensuring that organizational plans for conducting security training associated with organizational information systems are developed.", "Number": 6, "Version": "1.0", "Name": "Process Ensuring Development of Security Training Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Development of Security Training Plans", "$id": "TD_ref6" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-testing-plans-reviewed---organization-wide-priorities/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security testing plans for consistency with organization-wide priorities for risk response actions.", "Number": 7, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-testing-plans-reviewed---organization-wide-priorities/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security testing plans for consistency with organization-wide priorities for risk response actions.", "Number": 7, "Version": "1.0", "Name": "Testing, Training, and Monitoring - Security Testing Plans Reviewed - Organization-Wide Priorities" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Testing, Training, and Monitoring - Security Testing Plans Reviewed - Organization-Wide Priorities", "$id": "TD_ref7" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-training-plans-reviewed---organization-wide-priorities/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews secuirty training plans for consistency with organization-wide priorities for risk response actions.", "Number": 8, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-training-plans-reviewed---organization-wide-priorities/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews secuirty training plans for consistency with organization-wide priorities for risk response actions.", "Number": 8, "Version": "1.0", "Name": "Testing, Training, and Monitoring - Security Training Plans Reviewed - Organization-Wide Priorities" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Testing, Training, and Monitoring - Security Training Plans Reviewed - Organization-Wide Priorities", "$id": "TD_ref8" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-maintenance-of-security-training-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security training associated with organizational information systems are maintained.", "Number": 9, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-maintenance-of-security-training-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security training associated with organizational information systems are maintained.", "Number": 9, "Version": "1.0", "Name": "Process Ensuring Maintenance of Security Training Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Maintenance of Security Training Plans", "$id": "TD_ref9" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-testing-plans-reviewed---organizational-risk-management-strategy/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security testing plans for consistency with the organizational risk management strategy.", "Number": 10, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-testing-plans-reviewed---organizational-risk-management-strategy/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security testing plans for consistency with the organizational risk management strategy.", "Number": 10, "Version": "1.0", "Name": "Testing, Training, and Monitoring - Security Testing Plans Reviewed - Organizational Risk Management Strategy" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Testing, Training, and Monitoring - Security Testing Plans Reviewed - Organizational Risk Management Strategy", "$id": "TD_ref10" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-monitoring-plans-reviewed---organization-wide-priorities/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security monitoring plans for consistency with organization-wide priorities for risk response actions.", "Number": 11, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/testing_-training_-and-monitoring---security-monitoring-plans-reviewed---organization-wide-priorities/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization reviews security monitoring plans for consistency with organization-wide priorities for risk response actions.", "Number": 11, "Version": "1.0", "Name": "Testing, Training, and Monitoring - Security Monitoring Plans Reviewed - Organization-Wide Priorities" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Testing, Training, and Monitoring - Security Monitoring Plans Reviewed - Organization-Wide Priorities", "$id": "TD_ref11" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-development-of-security-testing-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implement a process for ensuring that organizational plans for conducting security testing associated with organizational information systems are developed.", "Number": 12, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-development-of-security-testing-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implement a process for ensuring that organizational plans for conducting security testing associated with organizational information systems are developed.", "Number": 12, "Version": "1.0", "Name": "Process Ensuring Development of Security Testing Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Development of Security Testing Plans", "$id": "TD_ref12" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-timely-execution-of-security-testing-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security testing associated with organizational information systems continue to be executed in a timely manner.", "Number": 13, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-timely-execution-of-security-testing-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security testing associated with organizational information systems continue to be executed in a timely manner.", "Number": 13, "Version": "1.0", "Name": "Process Ensuring Timely Execution of Security Testing Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Timely Execution of Security Testing Plans", "$id": "TD_ref13" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-development-of-security-monitoring-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational information systems are developed.", "Number": 14, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-development-of-security-monitoring-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational information systems are developed.", "Number": 14, "Version": "1.0", "Name": "Process Ensuring Development of Security Monitoring Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Development of Security Monitoring Plans", "$id": "TD_ref14" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-timely-execution-of-security-monitoring-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational information systems Continue to be executed in a timely manner.", "Number": 15, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/process-ensuring-timely-execution-of-security-monitoring-plans/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational information systems Continue to be executed in a timely manner.", "Number": 15, "Version": "1.0", "Name": "Process Ensuring Timely Execution of Security Monitoring Plans" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Process Ensuring Timely Execution of Security Monitoring Plans", "$id": "TD_ref15" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }