The organization implements a continuous monitoring program that includes a determination of the security impact of changes to the environment of operation.
No STIG checks reference this CCI.