Risk Assessment

Get Certified Get Ahead

The process of identifying risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of an information system. Part of risk management, incorporates threat and vulnerability analyses, and considers mitigations provided by security controls planned or in place. Synonymous with risk analysis. 

See the following under Risk Assessment for more information:
NIST SP 800-137.
NIST SP 800-18 Rev. 1 NIST SP 800-30.
NIST SP 800-63-3.
NIST SP 800-39.
NIST SP 800-53A Rev. 4.
NIST SP 800-37 Rev. 1.
NIST SP 800-53 Rev. 4.

The process of identifying risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of a system.  

See NIST SP 800-171 Rev. 2 NIST SP 800-30 for more information. 

Share this Post