Skip to main content

The 1-day course on Information Security Continuous Monitoring provides participants with a focused overview of the strategies, tools, and best practices involved in maintaining ongoing ATO compliance in accordance with the NIST SP 800-137.

Live online events

  • 18 June
    1 day, 10:00 AM EDT - 05:00 PM EDT
    • PD hours: 8
    • $850.00 excl.
  • 05 September
    1 day, 10:00 AM EDT - 05:00 PM EDT
    • PD hours: 8
    • $850.00 excl.
None of these dates work for you? Suggest another date & time


ISCM Fundamentals is a one-day supplemental training program that focuses on Information Security Continuous Monitoring, a cornerstone of the Risk Management Framework (RMF). Topics include:

  • ISCM Roles and Responsibilities
  • ISCM Process
  • NIST SP 800-137
    • Step 1 - Define Strategy
    • Step 2 – Establish ISCM Program
    • Step 3 – Implement
    • Step 4 – Analyze and Report
    • Step 5 – Respond to Findings
    • Step 6 – Review and Update ISCM Technologies
  • ISCM Challenges & Pitfalls

Practical Guidance on ISCM automation and support tools are provided.  Student exercises, collaboration, and case studies are used to reinforce the concepts taught in the class. The course content of Information Security Continuous Monitoring (ISCM) is geared to meet the needs of a diverse audience covering the spectrum of management, operational and technical roles. Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation.

Course Prerequisites

While no prerequisites are required for enrollment in this course, possessing a foundational comprehension of information security principles and a grasp of compliance and regulatory standards is advantageous. Familiarity with concepts like confidentiality, integrity, availability, risk assessment, and vulnerability management is beneficial. Prior experience or training in the Risk Management Framework is recommended to enhance your learning experience.

Who Should Attend

The Continuous Monitoring training program is suitable for government employees and contractors in DoD, federal “civil” agencies and the intelligence community, particularly those responsible for managing and monitoring security posture on an ongoing basis.

Private Group Classes

If you have a group of students (normally 8 or more), any of our training programs can be delivered at your site (in a suitable classroom facility), or in our Online Personal Classroom. Group classes offer significant savings over individual class registrations; the larger the class, the greater the savings.

Please click here to request a quote.

Similar courses