NIST 800-53 REV 5 • ASSESSMENT, AUTHORIZATION, AND MONITORING
CA-7(3) — Trend Analyses
Employ trend analyses to determine if control implementations, the frequency of continuous monitoring activities, and the types of activities used in the continuous monitoring process need to be modified based on empirical data.
CMMC Practice Mapping
No direct CMMC mapping
NIST 800-171 Mapping
No direct NIST 800-171 mapping
Related Controls
No related controls listed
Supplemental Guidance
Trend analyses include examining recent threat information that addresses the types of threat events that have occurred in the organization or the Federal Government, success rates of certain types of attacks, emerging vulnerabilities in technologies, evolving social engineering techniques, the effectiveness of configuration settings, results from multiple control assessments, and findings from Inspectors General or auditors.
Practitioner Notes
This enhancement requires you to analyze security trends over time — not just look at individual findings in isolation. Are things getting better or worse?
Example 1: Create a monthly Power BI or Splunk dashboard showing vulnerability count trends, mean time to remediate, and open POA&M items over the past 12 months.
Example 2: Track your Nessus scan results month-over-month to identify whether critical vulnerability counts are trending down, and brief leadership on the trend quarterly.
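The month-over-month tracking described in the practitioner notes, as an added example that is not part of the NIST control text or of any scanner's tooling. The findings, snapshot dates, function names, and the 0.1 tolerance are all constructed assumptions; real input would come from your own scan exports.

```python
from datetime import date
from statistics import mean

# Constructed sample findings, not real scanner output:
# (id, severity, first_seen, fixed) where fixed is None while still open.
FINDINGS = [
    ("F1", "critical", date(2024, 1, 5), date(2024, 3, 10)),
    ("F2", "critical", date(2024, 1, 12), date(2024, 2, 20)),
    ("F3", "critical", date(2024, 1, 20), date(2024, 4, 2)),
    ("F4", "critical", date(2024, 2, 3), date(2024, 2, 25)),
    ("F5", "critical", date(2024, 2, 15), date(2024, 5, 15)),
    ("F6", "critical", date(2024, 3, 8), date(2024, 3, 30)),
    ("F7", "critical", date(2024, 4, 11), None),
    ("F8", "high", date(2024, 1, 25), None),
]
SNAPSHOTS = [date(2024, m, d) for m, d in ((1, 31), (2, 29), (3, 31), (4, 30), (5, 31), (6, 30))]

def open_count(findings, as_of, severity="critical"):
    """Findings of the given severity seen by as_of and not yet fixed then."""
    return sum(1 for _, sev, seen, fixed in findings
               if sev == severity and seen <= as_of
               and (fixed is None or fixed > as_of))

def mttr_days(findings, start, end, severity="critical"):
    """Mean days from first_seen to fixed for findings closed in [start, end]."""
    days = [(fixed - seen).days for _, sev, seen, fixed in findings
            if sev == severity and fixed is not None and start <= fixed <= end]
    return mean(days) if days else None

def slope(values):
    """Least-squares slope of values against their index (change per period)."""
    x_bar, y_bar = (len(values) - 1) / 2, mean(values)
    num = sum((x - x_bar) * (y - y_bar) for x, y in enumerate(values))
    den = sum((x - x_bar) ** 2 for x in range(len(values)))
    return num / den

def classify(values, tolerance=0.1):
    """Label a lower-is-better metric as improving, worsening, or flat."""
    s = slope(values)
    return "improving" if s < -tolerance else "worsening" if s > tolerance else "flat"

def report():
    counts = [open_count(FINDINGS, d) for d in SNAPSHOTS]
    q1 = mttr_days(FINDINGS, date(2024, 1, 1), date(2024, 3, 31))
    q2 = mttr_days(FINDINGS, date(2024, 4, 1), date(2024, 6, 30))
    return {"open_critical": counts, "count_trend": classify(counts), "mttr_q1": q1, "mttr_q2": q2}

if __name__ == "__main__":
    print(report())
```

In this constructed data the open critical count falls while mean time to remediate rises, because the findings closed in the second quarter were the oldest ones. Reading the two series together is what shows whether remediation is actually keeping pace.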