		NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems Nist Paperback. CreateSpace Independent Publishing Platform 2012-02-22. ISBN 9781470109790
		Buy from Amazon.com

Publisher description

This is a Hard copy of the NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems. The objective of performing risk management is to enable the organization to accomplish its mission(s) (1) by better securing the IT systems that store, process, or transmit organizational information; (2) by enabling management to make well-informed risk management decisions to justify the expenditures that are part of an IT budget; and (3) by assisting management in authorizing (or accrediting) the IT systems3 on the basis of the supporting documentation resulting from the performance of risk management. TARGET AUDIENCE This guide provides a common foundation for experienced and inexperienced, technical, and non-technical personnel who support or use the risk management process for their IT systems. These personnel include Senior management, the mission owners, who make decisions about the IT security budget. Federal Chief Information Officers, who ensure the implementation of risk management for agency IT systems and the security provided for these IT systems The Designated Approving Authority (DAA), who is responsible for the final decision on whether to allow operation of an IT system The IT security program manager, who implements the security program Information system security officers (ISSO), who are responsible for IT security IT system owners of system software and/or hardware used to support IT functions. Information owners of data stored, processed, and transmitted by the IT systems Business or functional managers, who are responsible for the IT procurement process Technical support personnel (e.g., network, system, application, and database administrators; computer specialists; data security analysts), who manage and administer security for the IT systems IT system and application programmers, who develop and maintain code that could affect system and data integrity 2 Disclaimer This hardcopy is not published by National Institute of Standards and Technology (NIST), the US Government or US Department of Commerce. The publication of this document should not in any way imply any relationship or affiliation to the above named organizations and Government

More books by Nist

Similar books

Risk Management Guide for Information Technology Systems, and Underlying Technical Models for Info. Technology Security
Paperback
2016
EPA's Information Systems and Data Are a Risk Due to Insufficient Training of Personnel With Significant Information Security Responsibility
Paperback
2016
NIST Special Publication 800-37
Paperback
2016
IT Risk Management Guide
Paperback
2016
NIST Special Publication 800-128 Guide for Security-Focused Configuration Management of Information Systems
Paperback
2016

Rate the book

Write a review and share your opinion with others. Try to focus on the content of the book. Read our instructions for further information.

NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems

Book reviews » NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems