Chapter 6

Risk Management

Information in this chapter:

• Introduction to Risk Management

• Federal Information Security Risk Management Practices

• Overview of Enterprise-Wide Risk Management

• NIST Risk Management Process

• Comparing the NIST and ISO/IEC Risk Management Processes

Introduction to Risk Management

The role of risk management within the federal government has evolved from focusing primarily on the assessment of risk associated within a single information system to an integration of risk-related activities that involves all levels of the organization. By recognizing that organizations are operating in highly complex, interconnected environments using state-of-the-art and legacy information systems [1], the application of ...

Get Federal Cloud Computing now with O’Reilly online learning.
