This phase of the security lifecycle is designed to actively monitor your security program for issues that could lead to compromise or failure. Measuring the performance data from your network security infrastructure against the goals stated in your security policies ensures that business objectives are being maintained. During this phase non-compliant systems and events can trigger specific actions, as outlined in the policy, including a re-evaluation of the policy and corresponding procedures.

Organizations need to realize that security is one of the most dynamic elements of the IT infrastructure. Online security threats require constant vigilance and consistent action.