Home / Blogs

FISMA Focus: Continuously Monitoring the Cyber-Levee

NIST’s release of their initial public draft of SP 800-137, Guide for Continuous Monitoring of Information Systems and Organizations will create a set of challenges for the federal cybersecurity community. Agencies and contractors will need to shape the document through the multi-stage revision process while continuing to implement their own continuous monitoring measures.

To assist stakeholders in developing a response to the initial draft, subsequent drafts and implementation of the final document, the Center for Regulatory Effectiveness (CRE) has created FISMA Focus, an interactive public docket on federal cybersecurity policies. FISMA Focus includes a discussion forum dedicated to SP 800-137. The forum will allow comments, analyses and detailed supporting documents in various formats to be posted for discussion. Users will be free to post their own materials or comment on materials already posted.

To ensure ease of use and to preserve user anonymity where such anonymity is desired, FISMA Focus requires no registration. Users are free to identify themselves or not in any posting. CRE will screen all user-submitted posts for spam or other inappropriate material (obscenity, etc.) but we do not discriminate against any viewpoint. To the contrary, CRE welcomes and needs diverse perspectives on continuous monitoring and other FISMA issues.

Although NIST’s continuance monitoring guidance document is the first issue that FISMA Focus is addressing, additional issues will be added based on the views and needs of stakeholders.

CRE created FISMA Focus to spur discussion of federal information security issues with the aim of improving the development, operation and management of our nation’s cybersecurity infrastructure. The success of this project will depend on our readers. We look forward to your participation.

FISMA Focus may be found at http://www.thecre.com/fisma/.

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC


Sponsored byDNIB.com