N
|
controlPM-31

Continuous Monitoring Strategy (PM-31)

Develop an organization-wide continuous monitoring strategy and implement continuous monitoring programs that include:

program-managementgovernancestrategy

Why These Connect

Supports53

These related controls work together — a change to one may affect the others.

Related Controls(51)

CA-7Continuous Monitoring (CA-7)
LMH
AC-2Account Management (AC-2)
LMH
AC-6Least Privilege (AC-6)
MH
AC-17Remote Access (AC-17)
LMH
AT-4Training Records (AT-4)
LMH
AU-6Audit Record Review, Analysis, and Reporting (AU-6)
LMH
AU-13Monitoring for Information Disclosure (AU-13)CA-2Control Assessments (CA-2)
LMH
CA-5Plan of Action and Milestones (CA-5)
LMH
CA-6Authorization (CA-6)
LMH
CM-3Configuration Change Control (CM-3)
MH
CM-4Impact Analyses (CM-4)
LMH
CM-6Configuration Settings (CM-6)
LMH
CM-11User-installed Software (CM-11)
LMH
IA-5Authenticator Management (IA-5)
LMH
IR-5Incident Monitoring (IR-5)
LMH
MA-2Controlled Maintenance (MA-2)
LMH
MA-3Maintenance Tools (MA-3)
MH
MA-4Nonlocal Maintenance (MA-4)
LMH
PE-3Physical Access Control (PE-3)
LMH
PE-6Monitoring Physical Access (PE-6)
LMH
PE-14Environmental Controls (PE-14)
LMH
PE-16Delivery and Removal (PE-16)
LMH
PE-20Asset Monitoring and Tracking (PE-20)PL-2System Security and Privacy Plans (PL-2)
LMH
PM-4Plan of Action and Milestones Process (PM-4)PM-6Measures of Performance (PM-6)PM-9Risk Management Strategy (PM-9)PM-10Authorization Process (PM-10)PM-12Insider Threat Program (PM-12)PM-14Testing, Training, and Monitoring (PM-14)PM-23Data Governance Body (PM-23)PM-28Risk Framing (PM-28)PS-7External Personnel Security (PS-7)
LMH
PT-7Specific Categories of Personally Identifiable Information (PT-7)RA-3Risk Assessment (RA-3)
LMH
RA-5Vulnerability Monitoring and Scanning (RA-5)
LMH
RA-7Risk Response (RA-7)
LMH
SA-9External System Services (SA-9)
LMH
SA-11Developer Testing and Evaluation (SA-11)
MH
SC-5Denial-of-service Protection (SC-5)
LMH
SC-7Boundary Protection (SC-7)
LMH
SC-18Mobile Code (SC-18)
MH
SC-38Operations Security (SC-38)SC-43Usage Restrictions (SC-43)SI-3Malicious Code Protection (SI-3)
LMH
SI-4System Monitoring (SI-4)
LMH
SI-12Information Management and Retention (SI-12)
LMH
SR-2Supply Chain Risk Management Plan (SR-2)
LMH
SR-4Provenance (SR-4)SA-24Design For Cyber Resiliency (SA-24)

See Also

@SP 800-53 OverviewCompare Baselines