Monitor security controls
Within the NIST RMF application, the Monitor section involves the on-going monitoring of the security controls for targets documenting changes to them or their environments of operation, conducting security impact analyses of the associated changes, and reporting their security state to designated officials.
Monitoring is a critical step in the RMF process. In-effective targets (profiles), controls, and test plans can be continuously monitored and their known risks and issues addressed. Security controls should be automatically monitored where possible using indicators, triggering alerts for remediation.
To continuously monitor a security control, users can use the indicator templates provided with the NIST RMF Use Case Accelerator application, by navigating to . The sample indicator templates and indicators begin with NIST. Users must create new indicators beginning with NIST for monitoring the security controls.