Term:Risk Analysis

From FISMApedia

CNSSI 4009

Risk Analysis - Examination of information to identify the risk to an IS.

DoD 8580.02-R

Risk Analysis - Examination of information to identify the risk to an information system. DL1.45.

DSS Glossary

Risk Analysis - Method by which individual vulnerabilities are compared to perceived or actual security threat scenarios to determine the likelihood of compromise of critical information.

GAO-09-232G

Risk Analysis - The process of identifying the risks to system security and determining the likelihood of occurrence, the resulting impact, and the additional safeguards that mitigate this impact. Part of risk management and synonymous with risk assessment.

NIST IR 7298

Risk Analysis - The process of identifying the risks to system security and determining the likelihood of occurrence, the resulting impact, and the additional safeguards that mitigate this impact. Part of risk management and synonymous with risk assessment. SOURCE: SP 800-27A

NIST SP 800-27rA

Risk Analysis - The process of identifying the risks to system security and determining the likelihood of occurrence, the resulting impact, and the additional safeguards that mitigate this impact. Part of risk management and synonymous with risk assessment.

NIST SP 800-33

Risk Analysis - The process of identifying the risks to system security and determining the probability of occurrence, the resulting impact, and the additional safeguards that mitigate this impact. Part of risk management and synonymous with risk assessment.