Beschreibung

The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance in Special Publication 800-39. 

NIST

Weiterführende Links

Das Dokument kann hier heruntergeladen werden.

Schlagwörter

Cost-benefit analysis — residual risk — risk — risk assessment — risk management — risk mitigation — security controls — threat vulnerability

Status

Aktuell: Stand 2021