The ServiceNow® Continuous Authorization and Monitoring application (CAM for short) applies a standardized approach to automating NIST's Risk Management Framework (RMF).
RMF was mandated by the U.S. Federal government to provide the necessary resiliency to support the economic and national security interests of the United States. Continuous Authorization and Monitoring employs the seven steps defined by the RMF to allow you to make better-informed decisions about your security posture.
CAM is an accelerator that sits ON TOP of the core GRC applications. So, understanding how the core GRC applications work is the best place to start. We have a lot of training related to this - both on demand and instructor led. Take a look at this article to get more details on what is available to understand the core GRC concepts: https://www.servicenow.com/community/new-customers-policy-risk/grc-training-what-is-available-what-s...
CAM not a topic that is covered in on demand or instructor led training. However, there are several resources that will help you understand it. Here is list of what I have found - if others have more resources - please add them!
Product Documentation
There is a very good section on CAM in Product Docs - here is the link to the first article: https://docs.servicenow.com/bundle/utah-governance-risk-compliance/page/product/grc-cam/concept/cam-...
There is a checklist to set up CAM. There is a description of what an authorization package is. All total there are more than 10 articles in this section. I would probably start with these.
In addition to Product Docs - there are several YouTube videos on CAM. Here is a good playlist starting point:
https://www.youtube.com/playlist?list=PLQLFpjXuhTZ6TweNRHzRBf3BgoJbPD7e3
This playlist includes 3 "Ask the Expert" recordings, plus a few other things.
Hopefully, this will get you started if you need more information on CAM.
