This step is a continuous monitoring of the security parameters. Monitoring will be performed both by the security team for specific security violations, the Service Desk for reported violations, and Event Monitoring for triggers against certain security events. Should the security team detect a violation in this step it is important that an Incident be initiated and an investigation ensure, including any immediate possible mitigating actions. This violation should also be documented such that a log of security impacting events is created and studied for future improvements in the Security Plan. The Security information should be maintained in the CMS.