![NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems](//coverdb.com/reviewUS/w100/ae1/9781470109790.jpg) |
|
NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
Nist
Paperback. CreateSpace Independent Publishing Platform 2012-02-22.
ISBN 9781470109790
|
|
|
Buy from Amazon.com
|
Publisher description
This is a Hard copy of the NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems. The objective of performing risk management is to enable the organization to accomplish its mission(s) (1) by better securing the IT systems that store, process, or transmit organizational information; (2) by enabling management to make well-informed risk management decisions to justify the expenditures that are part of an IT budget; and (3) by assisting management in authorizing (or accrediting) the IT systems3 on the basis of the supporting documentation resulting from the performance of risk management. TARGET AUDIENCE This guide provides a common foundation for experienced and inexperienced, technical, and non-technical personnel who support or use the risk management process for their IT systems. These personnel include Senior management, the mission owners, who make decisions about the IT security budget. Federal Chief Information Officers, who ensure the implementation of risk management for agency IT systems and the security provided for these IT systems The Designated Approving Authority (DAA), who is responsible for the final decision on whether to allow operation of an IT system The IT security program manager, who implements the security program Information system security officers (ISSO), who are responsible for IT security IT system owners of system software and/or hardware used to support IT functions. Information owners of data stored, processed, and transmitted by the IT systems Business or functional managers, who are responsible for the IT procurement process Technical support personnel (e.g., network, system, application, and database administrators; computer specialists; data security analysts), who manage and administer security for the IT systems IT system and application programmers, who develop and maintain code that could affect system and data integrity 2 Disclaimer This hardcopy is not published by National Institute of Standards and Technology (NIST), the US Government or US Department of Commerce. The publication of this document should not in any way imply any relationship or affiliation to the above named organizations and Government
More books by Nist
Similar books
Rate the book
Write a review and share your opinion with others. Try to focus on the content of the book. Read our instructions for further information.
NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
Book reviews » NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
|
|
![NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems](/images/background.gif) |
![NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems](/images/background.gif) |
|
|
|