Is Continuous Compliance Monitoring Part of your Compliance Strategy?

Vidya Balasubramanian
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 22, 2021

Hello All,

My name is Vidya and I am a Product Manager here at Atlassian leading the FedRAMP Compliance effort for Jira and Confluence at Atlassian. In a past life I worked at the Federal Reserve so I understand the importance of certifications/regulations. Continuous monitoring isn’t a new concept; it’s been a concept that has been around for many years. Continuous controls monitoring, CCM, or ConMon, is initially defined by the set of security controls you’re going to operate against (example: NIST, FedRAMP etc) and continuously assess technology assets and processes against these objectives.

At Atlassian we are not only helping our customers meet their organization compliance needs but we are also working on a strategy to continuously monitor around compliance. We believe this can bring significant value to our customers (example: providing a report on access controls for instance, on a monthly basis to our customers can be very valuable)

It will be great to hear from the group on a) Your CCM journey - Is your organization considering CCM as a part of your compliance strategies and where you are in the journey? Do you see something like access to Atlassian ConMon reporting being valuable within your agencies?

1 comment

Comment

Log in or Sign up to comment
Mark Thomas December 10, 2021

Coming from another small federal agency, sure, CCM is an important part of the GRC program. However, our efforts are focused more on the CDM federal mandate which is ramping way up this year and requires a lot more effort.

TAGS
AUG Leaders

Atlassian Community Events