< All Topics

The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, and includes:

  • establishing the context for risk-related activities,
  • assessing risk,
  • responding to risk once determined, and
  • monitoring risk over time.

Source: CNSSI 4009

Click to rate this post!
[Total: 0 Average: 0]
Previous Risk Assessment
Next Security Policy
Table of Contents