Security - News

The fifth in the series of risk management and information security guidelines. This publication changes the focus of Special Publication 800-30, originally published as a risk management guideline. NIST Special Publication 800-39 has now replaced Special Publication 800-30 as the authoritative source of comprehensive risk management guidance. The update to Special Publication 800-30 focuses exclusively on risk assessments, one of the four steps in the risk management process. The risk assessment guidance in Special Publication 800-30 has been significantly expanded to include more in-depth information on a wide variety of risk factors essential to determining information security risk (e.g., threat sources and events, vulnerabilities and predisposing conditions, impact, and likelihood of threat occurrence). A three-step process is described including key activities to prepare for risk assessments, activities to successfully conduct risk assessments, and approaches to maintain the currency of assessment results.

Autor: JP

Heuristické vyhledání souvisejících článků v archívu NEWS

• Zpráva spole?nosti PwC: Risk in review 2012. Rethinking risk management for new market realities
• Americký NIST vydal finální draft: Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal information Systems and Organizations
• NIST - Special Update - Special Publication 800-53 Revision 2
• NIST - Special Publication 800-26 Revision 1, Guide for Information Security Program Assessments and System Reporting Form
• NIST - Draft Special Publication 800-104, A Scheme for PIV Visual Card Topography. NIST Draft Special Publication 800-104