dhs enterprise horizon continuous monitoring service
dhs enterprise horizon continuous monitoring service
dhs enterprise horizon continuous monitoring service
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Potential FISMA Compliance Visibility<br />
Functionality<br />
Comprehensive data<br />
collection, all systems<br />
evaluated<br />
Data hosting and format<br />
Patch reports<br />
Vulnerabilities in<br />
environment<br />
Correlating vulnerability<br />
information and scan results<br />
Trending and historical<br />
accountability<br />
O&M <strong>service</strong> visibility<br />
ORR artifact preparation<br />
Quality/consistency controls<br />
Horizon Compliance Process<br />
• Automated; collected as frequently as source system data is<br />
updated -- nightly, weekly, monthly<br />
• Centralized system with distributed component<br />
responsibilities — validation to Change Management<br />
Database (CMDB) is enforced<br />
• Central high-availability database system; browser access;<br />
<strong>enterprise</strong> summary data drillable to component, system,<br />
device, and element<br />
• Integrated into dashboard; separate reporting eliminated<br />
• Integrated into dashboard within the wild awareness;<br />
separate reporting need eliminated<br />
• Ability to identify and address critical systems<br />
Automated in dash reporting structure<br />
Ability to track progress of FISMA and object-level scores,<br />
with ability to demonstrate cause of score change<br />
Complete traceability to <strong>service</strong> providers and their scores<br />
Facilitated via dashboard reporting<br />
High-quality data with cross-CMDB validation<br />
Value<br />
to Cost<br />
November 13, 2013<br />
5