Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Is Continuous Compliance Monitoring Part of your Compliance Strategy?

Vidya Balasubramanian
Vidya Balasubramanian
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Sep 22, 2021

Hello All,

My name is Vidya and I am a Product Manager here at Atlassian leading the FedRAMP Compliance effort for Jira and Confluence at Atlassian. In a past life I worked at the Federal Reserve so I understand the importance of certifications/regulations. Continuous monitoring isn’t a new concept; it’s been a concept that has been around for many years. Continuous controls monitoring, CCM, or ConMon, is initially defined by the set of security controls you’re going to operate against (example: NIST, FedRAMP etc) and continuously assess technology assets and processes against these objectives.

At Atlassian we are not only helping our customers meet their organization compliance needs but we are also working on a strategy to continuously monitor around compliance. We believe this can bring significant value to our customers (example: providing a report on access controls for instance, on a monthly basis to our customers can be very valuable)

It will be great to hear from the group on a) Your CCM journey - Is your organization considering CCM as a part of your compliance strategies and where you are in the journey? Do you see something like access to Atlassian ConMon reporting being valuable within your agencies?

Comment
Watch
Like # people like this
1577 views

1 comment

Comment

Log in or Sign up to comment
Mark Thomas
Mark Thomas Dec 10, 2021

Coming from another small federal agency, sure, CCM is an important part of the GRC program. However, our efforts are focused more on the CDM federal mandate which is ramping way up this year and requires a lot more effort.

Like
Reply
groups-icon
Government
TAGS
AUG Leaders

Atlassian Community Events

See all events