Overview of continuous authorization and monitoring

• Monitoring and managing security from the CAM Workspace Home page

  The CAM Workspace is a centralized hub where you can continuously monitor and manage compliance of users and systems with the NIST Risk Management Framework to ensure adherence to your security policies and guidelines.

• View the dashboards to monitor and manage your NIST security posture

  Access the CAM Overview, AO Overview, and SCA Overview dashboards from the CAM Workspace to monitor and analyze data and view CAM reports.

• Monitor and manage CAM tasks

  Use the Tasks page to address the approvals, control attestations, and all other items that are assigned to you and to your group.

• Managing POA&Ms issues

  In CAM application, all issues related to an authorization package are called as Plan of Actions and Milestones (POA&Ms). The issues can be package issues, or control issues, engagement issues, or control test issues that are related to the package.

• View reports on authorization boundary elements

  Use the Authorization Boundary page to define the parameters of security measure for your organization.

• View package details in CAM Workspace

  Use the authorization package overview page to view documents and evidence that help you to assess your organization's security posture.

• ATO artifacts for an authorization package

  Generate Authority to Operate (ATO) artifacts such as System Security Plan (SSP), Security Assessment Report (SAR), Plan of Actions and Milestones (POA&Ms), Security Assessment Plan (SAP), Authority to Operate (ATO Letter), and Executive Summary from an authorization package in Microsoft Word format.

• Exporting Catalog, Profile, and SSP in OSCAL format

  CAM supports the Open Security Controls Assessment Language (OSCAL) used by the National Institute of Standards and Technology (NIST) that provides control-related information in standardised machine readable formats. Currently, CAM supports Catalog, Profile, and SSP models.