The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, and includes:
- establishing the context for risk-related activities,
- assessing risk,
- responding to risk once determined, and
- monitoring risk over time.
Comments
0 comments
Please sign in to leave a comment.