Web Design

Your content goes here. Edit or remove this text inline.

Logo Design

Your content goes here. Edit or remove this text inline.

Web Development

Your content goes here. Edit or remove this text inline.

White Labeling

Your content goes here. Edit or remove this text inline.

VIEW ALL SERVICES 

Discussion – 

0

Discussion – 

0

NIST Guide for Conducting Risk Assessments

NIST has updated the Guide for Conducting Risk Assessments (NIST Special Publication 800-30) to a great extent and the draft is publicly available for comments. The focus of this Guidance is on Risk Assessment as the risk management is covered by another guidance from NIST (SP 800-39).

In today.s world of complex and sophisticated threats, risk assessments are an essential tool for organizations to employ as part of a comprehensive risk management program. Risk assessments can help organizations:

  • Determine the most appropriate risk responses to on going cyber attacks or threats from manmade or natural disasters;
  • Guide investment strategies and decisions for the most effective cyber defences to help protect organizational operations (including missions, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation; and
  • Maintain on going situational awareness with regard to the security state of organizational information systems and the environments in which the systems operate.

though this Guidance is primarily for the federal information systems, it is highly useful for private organizations as well. The draft guidance is available here for download

Tags: NIST

Binoy KL

0 Comments

You May Also Like

IT Risk Management

Risk Management is a key term we keep discussing every now and then when we talk about information security. It often...