The following example demonstrates how to apply the continuous monitoring technical reference model to a
risk management domain. Please read the following article and identify a few key lessons from it that
relate to the principles and methods you have learned in the Case Assignment.
NIST (2018). The Technical Specification for the Security Content Automation Protocol (SCAP)
Applying continuous monitoring fundamentals, processes, etc., to your own experience is an
opportunity to put what you’ve learned to use in the real world. Select an information system security domain of
your organization or industry and apply what you learned from the case readings and SLP examples. You can
choose to assess the domain comprehensively, or you can focus on two or three major perspectives and go much more in
depth. You can choose the same security domain as in the previous SLP assignment in this course or start with a
SLP Assignment Expectations
Write a 2- to 5-page paper titled:
“Continuous Monitoring for ______ (your chosen information system security domain in your chosen
organization/industry): Challenges and Solutions”
Address the following issues:
Special requirements, if any, of continuous monitoring in your chosen information system security domain in your
chosen organization/industry.
Two perspectives of continuous monitoring that you select for an in-depth discussion.
One or two major lessons learned from the example that you will apply in your own continuous monitoring
Key challenges and solutions of continuous monitoring.