This article has been indexed from (ISC)² Blog
Continuous Monitoring (CM) is the ability to maintain ongoing awareness of information security, vulnerabilities, and threats to facilitate risk-based decision making. The ultimate objective of CM is to determine whether the security and privacy controls implemented by an organization continue to be effective over time, considering the inevitable changes that occur in the environment in which the organization operates. Continuous Monitoring removes the limitations of manual or one-time assessments and facilitates real-time risk management by automating monitoring processes. CM benefits businesses in many ways by providing visibility into undiscovered system components, misconfigurations, vulnerabilities, and unauthorized changes, which can potentially expose…
Read the original article: How Continuous Monitoring is a Driver of Effective Risk Management