NIST Special Publication 800-39, Managing Information Security

NIST Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View

The purpose of Special Publication 800-39 is to provide guidance for an integrated, organization-wide program for managing information security risk to organizational operations (i.e., mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation resulting from the operation and use of federal information systems. Special Publication 800-39 provides a structured, yet flexible approach for managing information security risk that is intentionally broad-based, with the specific details of assessing, responding to, and monitoring risk on an ongoing basis provided by other supporting NIST security standards and guidelines. The guidance provided in this publication is not intended to replace or subsume other risk-related activities, programs, processes, or approaches that organizations have implemented or intend to implement addressing areas of risk management covered by other legislation, directives, policies, programmatic initiatives, or mission/business requirements. Rather, the information security risk management guidance described herein is complementary to and can be used as part of a more comprehensive Enterprise Risk Management (ERM) program.

Country	USA
Author	nist
Binding	Paperback
EAN	9781494836344
ISBN	1494836343
Label	CreateSpace Independent Publishing Platform
Manufacturer	CreateSpace Independent Publishing Platform
NumberOfPages	98
PublicationDate	2013-12-29
Publisher	CreateSpace Independent Publishing Platform
Studio	CreateSpace Independent Publishing Platform
ReleaseDate	0000-00-00

NIST Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View