Beschreibung
The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance in Special Publication 800-39.
NIST
Weiterführende Links
Das Dokument kann hier heruntergeladen werden.
Schlagwörter
Cost-benefit analysis — residual risk — risk — risk assessment — risk management — risk mitigation — security controls — threat vulnerability
Status
Aktuell: Stand 2021