Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Is Continuous Compliance Monitoring Part of your Compliance Strategy?

Vidya Balasubramanian
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Sep 22, 2021

Hello All,

My name is Vidya and I am a Product Manager here at Atlassian leading the FedRAMP Compliance effort for Jira and Confluence at Atlassian. In a past life I worked at the Federal Reserve so I understand the importance of certifications/regulations. Continuous monitoring isn’t a new concept; it’s been a concept that has been around for many years. Continuous controls monitoring, CCM, or ConMon, is initially defined by the set of security controls you’re going to operate against (example: NIST, FedRAMP etc) and continuously assess technology assets and processes against these objectives.

At Atlassian we are not only helping our customers meet their organization compliance needs but we are also working on a strategy to continuously monitor around compliance. We believe this can bring significant value to our customers (example: providing a report on access controls for instance, on a monthly basis to our customers can be very valuable)

It will be great to hear from the group on a) Your CCM journey - Is your organization considering CCM as a part of your compliance strategies and where you are in the journey? Do you see something like access to Atlassian ConMon reporting being valuable within your agencies?

1 comment


Log in or Sign up to comment

Coming from another small federal agency, sure, CCM is an important part of the GRC program. However, our efforts are focused more on the CDM federal mandate which is ramping way up this year and requires a lot more effort.

AUG Leaders

Atlassian Community Events