STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 7 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← All Controls

CA-7

Assessment, Authorization, and MonitoringRev 5

Continuous Monitoring

CCI Identifiers (23)

CCI-000274Develop a continuous monitoring strategy.CCI-000275The organization implements a continuous monitoring program that includes a configuration management process for the information system.CCI-000276The organization implements a continuous monitoring program that includes a configuration management process for the information system constituent components.CCI-000277The organization implements a continuous monitoring program that includes a determination of the security impact of changes to the information system.CCI-000278The organization implements a continuous monitoring program that includes a determination of the security impact of changes to the environment of operation.CCI-000279Implement ongoing control assessments in accordance with the continuous monitoring strategy.CCI-000280Implement a continuous monitoring program that includes reporting the security status to organization-defined personnel or roles on an organization-defined frequency.CCI-000281Defines the frequency with which to report the security status to organization-defined personnel or roles.CCI-001581The organization defines personnel or roles to whom the security status of the organization and the information system should be reported.CCI-002087Establish organization-defined system-level metrics to be monitored.CCI-002088Establish organization-defined frequencies for monitoring.CCI-002089The organization establishes and defines the frequencies for assessments supporting continuous monitoring.CCI-002090Implement ongoing monitoring of system and organization-defined metrics in accordance with the continuous monitoring strategy.CCI-002091Implement a continuous monitoring program that includes correlation and analysis of information generated by assessments and monitoring.CCI-002092Implement a continuous monitoring program that includes response actions to address results of the analysis of control assessment and monitoring information.CCI-003873Implement continuous monitoring in accordance with the organization-level continuous monitoring strategy.CCI-003874Defines the system-level metrics to be monitored.CCI-003875Establish organization-defined frequencies for assessment of control effectiveness.CCI-003876Defines the frequencies for monitoring of control effectiveness.CCI-003877Defines the frequencies for assessment of control effectiveness.CCI-003878Develop ongoing control assessments in accordance with the continuous monitoring strategy.CCI-003879Implement a continuous monitoring program that includes reporting the privacy status to organization-defined personnel or roles on an organization-defined frequency.CCI-003880Defines the frequency with which to report the privacy status to organization-defined personnel or roles.

Linked STIG Checks (0)

No STIG checks reference this control.