Part 6: Assessment, Authorization and Monitoring (CA)

It’s great that you have matured your Assessment, Authorization and Monitoring (CA) process to level 4 but does that include ALL of your systems? Rogue applications are often found on corporate networks,  increasing your attack surface area. The risk of attack can be reduced if the detection of un-assessed applications (and data) are included in your (quarterly/annual) pen tests..  VIdeo