Continuous compliance is an ongoing process of monitoring IT assets to ensure compliance with regulatory security standard benchmarks.
Continuous monitoring, is like Continuous complince but it takes into account all other security threats, in addition to regulation. Continuous Monitoring is an automated process by which DevOps personnel can observe and detect compliance issues and security threats during each phase of the DevOps pipeline.
Continuous Auditing is any method used by auditors to perform audit-related activities on a more continuous or continual basis.
Auditing can be done at different gates within the DevOps pipeline and Monitoring comes in at the end of the DevOps pipeline.
Finally Continuous Assurance is the combination of continuous auditing and continuous monitoring.
------------------------------
Serge Abel SAI
Cloud Security Expert
Fortica Cybersecurite
------------------------------
Original Message:
Sent: Nov 17, 2021 09:38:58 AM
From: Jenna Morrison
Subject: Continuous Monitoring/Assurance/Compliance/Auditing?
Hello everyone!
From Module 5 of the CCAK training -
What is the difference between:
- Continuous Monitoring
- Continuous Assurance
- Continuous Compliance
- Continuous Auditing
I would love everyone's thoughts, feedback, answers. Thanks :)
------------------------------
Jenna Morrison
Training Department Intern
Cloud Security Alliance
------------------------------