Continuous Monitoring is the fourth phase of the security certification and accreditation process.
What activities are performed in the Continuous Monitoring process? Each correct answer
represents a complete solution. Choose all that apply.
A.
Security accreditation decision
B.
Security control monitoring and impact analyses of changes to the information system
C.
Security accreditation documentation
D.
Configuration management and control
E.
Status reporting and documentation
Explanation:
Continuous Monitoring is the fourth phase of the security certification and
accreditation process. The Continuous Monitoring process consists of the following three main
activities: Configuration management and control Security control monitoring and impact analyses
of changes to the information system Status reporting and documentation The objective of these
tasks is to observe and evaluate the information system security controls during the system life
cycle. These tasks determine whether the changes that have occurred will negatively impact the
accreditation documentation are the two tasks of the security accreditation phase.