Continuous Authorization and Monitoring
Summary of Continuous Authorization and Monitoring
Continuous Authorization and Monitoring (CAM) integrates the seven steps of the NIST Risk Management Framework (RMF) to enhance decision-making regarding security posture. This application automates the RMF, enabling organizations to effectively identify and mitigate risks associated with their infrastructure.
Key Features
- Automated RMF Application: CAM standardizes and automates the NIST RMF processes.
- Seven RMF Steps:
  - Prepare: Establish authorization boundaries and create the authorization package.
  - Categorize: Assess the criticality of the information system based on worst-case scenarios.
  - Select Controls: Choose baseline controls following approved impact levels.
  - Implement Controls: Apply selected controls and take necessary actions.
  - Assess Controls: Evaluate both internal and external controls.
  - Generate POA&M: Create Plans of Action and Milestones.
  - Manage Changes: Handle change requests and address vulnerabilities.
- CAM Workspace: A centralized hub for continuous monitoring and compliance management with NIST RMF standards.
- Assessment Objectives: Built-in assessment objectives aligned with NIST 800-53A revision 5 control objectives.
Key Outcomes
By utilizing CAM, ServiceNow customers can ensure ongoing compliance with security policies, effectively manage risks, and streamline the authorization process in line with federal requirements. The CAM application enhances operational efficiency and provides a structured approach to security management.
Next Steps
To get started, download CAM from the ServiceNow Store and follow the provided checklist for configuration. The CAM plugin is available as a separate subscription and requires activation. For further assistance, explore the ServiceNow Community or contact Customer Service and Support.
Continuous Authorization and Monitoring (CAM) employs the seven steps defined by the NIST Risk Management Framework (RMF) to allow you to make better-informed decisions about your security posture.
The video gives an overview of the seven steps of the Risk Management Framework, which the US government mandates for federal agencies. These steps help companies identify and eliminate risks to their infrastructure.
Get started
Request apps on the Store
Visit the ServiceNow Store to view all the available apps, and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
The Continuous Authorization and Monitoring (com.sn_irm_cont_auth_monitor) plugin is available as a separate subscription and requires activation.