NIH | National Cancer Institute | NCI Wiki  


Please be advised that NCI Wiki will be will be undergoing maintenance on Monday, June 24th between 1000 ET and 1100 ET.
Wiki will remain available, but users may experience screen refreshes or HTTP 502 errors during the maintenance period. If you encounter these errors, wait 1-2 minutes, then refresh your page.

If you have any questions or concerns, please contact the CBIIT Atlassian Management Team.

Systems enter the Continuous Monitoring (CM) Phase, Step 6 of the NIST Risk Management Framework (RMF), after achieving authorization to operate (ATO).  The purpose of this phase is to provide oversight and monitoring of the security controls in the information system on an ongoing basis and to inform the Authorizing Official (AO) when changes occur that may impact the security of the system. CM consists of three tasks:

  1.  Configuration management and control;
  2.  Security control monitoring; and
  3.  Status reporting and documentation, which are performed continuously throughout the life cycle of an information system.
  • No labels