Integrate a continuous monitoring program into organizational security governance structures and policies