Chris Hoover

Continuous Monitoring Updates

Blog Post created by Chris Hoover Employee on May 5, 2014

Continuous monitoring (CM) continues to be a hot topic in the information assurance world. DHS CDM and CMaaS purchases and planning continue to lumber forward.  Version 2 of our CM solution will launch this year and reflects the latest thinking in CM risk scoring and presentation.


So, I wanted to make some updates to a three-part blog on continuous monitoring I did last year.


I have decided to create a three-part series of white papers on the subject to allow for greater detail and to include some reference tables. There were a lot of things I couldn’t cover in enough detail and some new developments have unfolded in the meantime.


Part 1 covers common misconceptions and provides definitions, an introduction and brief history of CM and is available here.


Part 2 in this series will address monitoring strategy including the frequency and method of assessments, and will be available in early June.


Part 3 will cover strategies for managing assessment costs and will be available in late June.


Lastly, there is still plenty of time to register for RSA Archer’s 2014 GRC Summit.  I will be at the summit, giving demonstrations of our forthcoming A&A and CM version 2 solutions. Hope to see you there!



As always, please email me with comments or questions