Risk Management Framework for Information Systems and Organizations : NIST
Risk Management Framework for
Information Systems and Organizations
A System Life Cycle Approach for Security and Privacy by
U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology
INTRODUCTION
THE NEED TO MANAGE SECURITY AND PRIVACY RISK
Organizations depend on information systems to carry out their missions and business functions. The success of the missions and business functions depends on protecting the confidentiality, integrity, availability of information processed, stored, and transmitted by those systems and the privacy of individuals. The threats to information systems include equipment failure, environmental disruptions, human or machine errors, and purposeful attacks that are often sophisticated, disciplined, well-organized, and well-funded. When successful, attacks on information systems can result in serious or catastrophic damage to organizational operations and assets, individuals, other organizations, and the Nation Therefore, it is imperative that organizations remain vigilant and that senior executives, leaders, and managers throughout the organization understand their responsibilities and are accountable for protecting organizational assets and for managing risk.
https://media.licdn.com/dms/document/C561FAQGeoNn_BXk3-A/feedshare-document-pdf-analyzed/0?e=1560855600&v=beta&t=BhUhAoAiforLIC-3TBnYO69bEsmGUo6AGurODG69AZ8
U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology
INTRODUCTION
THE NEED TO MANAGE SECURITY AND PRIVACY RISK
Organizations depend on information systems to carry out their missions and business functions. The success of the missions and business functions depends on protecting the confidentiality, integrity, availability of information processed, stored, and transmitted by those systems and the privacy of individuals. The threats to information systems include equipment failure, environmental disruptions, human or machine errors, and purposeful attacks that are often sophisticated, disciplined, well-organized, and well-funded. When successful, attacks on information systems can result in serious or catastrophic damage to organizational operations and assets, individuals, other organizations, and the Nation Therefore, it is imperative that organizations remain vigilant and that senior executives, leaders, and managers throughout the organization understand their responsibilities and are accountable for protecting organizational assets and for managing risk.
https://media.licdn.com/dms/document/C561FAQGeoNn_BXk3-A/feedshare-document-pdf-analyzed/0?e=1560855600&v=beta&t=BhUhAoAiforLIC-3TBnYO69bEsmGUo6AGurODG69AZ8
Comments
Post a Comment
Please share your valuable comments and thoughts on this article. Thanks!