800-53|CA-7

Title

CONTINUOUS MONITORING

Description

The organization develops a continuous monitoring strategy and implements a continuous monitoring program that includes:

Supplemental

Continuous monitoring programs facilitate ongoing awareness of threats, vulnerabilities, and information security to support organizational risk management decisions. The terms continuous and ongoing imply that organizations assess/analyze security controls and information security-related risks at a frequency sufficient to support organizational risk-based decisions. The results of continuous monitoring programs generate appropriate risk response actions by organizations. Continuous monitoring programs also allow organizations to maintain the security authorizations of information systems and common controls over time in highly dynamic environments of operation with changing mission/business needs, threats, vulnerabilities, and technologies. Having access to security-related information on a continuing basis through reports/dashboards gives organizational officials the capability to make more effective and timely risk management decisions, including ongoing security authorization decisions. Automation supports more frequent updates to security authorization packages, hardware/software/firmware inventories, and other system information. Effectiveness is further enhanced when continuous monitoring outputs are formatted to provide information that is specific, measurable, actionable, relevant, and timely. Continuous monitoring activities are scaled in accordance with the security categories of information systems.

Reference Item Details

Related: CA-2,CA-5,CA-6,CM-3,CM-4,PM-6,PM-9,RA-5,SA-11,SA-12,SI-2,SI-4

Category: SECURITY ASSESSMENT AND AUTHORIZATION

Family: SECURITY ASSESSMENT AND AUTHORIZATION

Priority: P2

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
18.8.22.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.4 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.4 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.5 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.5 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.10 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.10 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.13 (L2) Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.13 (L2) Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' - DisabledWindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.8.22.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' - DisabledWindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' - DoReportWindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.8.22.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' - DoReportWindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L2 + BL
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L2 + BL + NG
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L2 + NG
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L2
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L2
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L2 + BL + NG
18.10.43.10.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L2
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L2 + BL + NG
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L2 + BL
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Windows Server 2012 DC L2 v3.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L2 v3.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Windows Server 2012 R2 DC L2 v3.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L2
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L2 + BL
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L2 + NG
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Windows Server 2012 R2 MS L2 v3.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled'WindowsCIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2019 DC L2 v2.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Windows Server 2016 DC L2 v2.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L2 DC
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L2
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L2 + BL
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L2 + BL
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2019 Standalone DC L2 v1.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2016 MS L2 v2.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L2 MS
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server 2019 MS L2 v2.0.0
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L2
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L2 + NG
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L2 + BL + NG
18.10.43.12.1 Ensure 'Configure Watson events' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows Server Standalone 2019 Standalone MS L2 v1.0.0