The ServiceNow® Continuous Authorization and Monitoring application (CAM for short) applies a standardized approach to automating NIST's Risk Management Framework (RMF).

RMF was mandated by the U.S. Federal government to provide the necessary resiliency to support the economic and national security interests of the United States. Continuous Authorization and Monitoring employs the seven steps defined by the RMF to allow you to make better-informed decisions about your security posture.

The life cycle as defined by the RMF

RMF consists of the seven steps illustrated here.