SP 800-30r1SP 800Finalpublication

SP 800-30 Rev. 1 - Guide for Conducting Risk Assessments

Provides guidance for conducting risk assessments of federal information systems and organizations. Describes threat sources, threat events, vulnerabilities, impact, and likelihood to help organizations determine risk.

View on NIST.gov

Publication Number

800-30

Series

SP 800

Revision

Status

Final

Date

2012-09

risk assessmentthreat analysisvulnerabilitylikelihoodimpact

References(3)

SP 800-37r2SP 800-37 Rev. 2 - Risk Management Framework for Information Systems and Organizations SP 800-53r5SP 800-53 Rev. 5 - Security and Privacy Controls for Information Systems and Organizations SP 800-161r1SP 800-161 Rev. 1 - Cybersecurity Supply Chain Risk Management Practices