From the course: Implementing the NIST Risk Management Framework
Scenario: Continuous monitoring examples
What are some typical ways organizations continuously monitor their environment? The most efficient and least expensive method is to inject security throughout the project management and system development lifecycle. As a security consultant, I do this by introducing security and privacy control requirements at the beginning of all projects. In the planning and analysis phase, I monitor any new projects and work with project managers to build security into whatever is being developed. Next, during design and implementation, I make sure security testing is completed to ensure risks are known and the end product will meet control requirements. Once the system is in production, I take part in change control meetings to assess how the change may impact security or privacy controls. Whenever possible, security should formally approve any changes prior to implementation. With security as a part of the change management process, it's easier to catch potential issues earlier before a data…