Capability, Manage and Assess Risk
Capability, Manage and Assess Risk
The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, and includes: (i) establishing the context for risk-related activities; (ii) assessing risk; (iii) responding to risk once determined; and (iv) monitoring risk over time.
Source: NIST SP 800-12 Rev. 1 | Category: