Risk assessments are an integral part of any organization’s information security program and allow management to decide where effort should be applied to reduce risk to its information assets. This past September, the National Institute of Standards and Technology (NIST) compiled its most recent recommendations, “Guide for Conducting Risk Assessments.”
This on-demand webinar explores the fundamental components of the NIST 800 series risk assessment framework and how this methodology deviates from other common risk assessment practices to create a more effective process.
Josh Stone, Director of Product Management at cprlorca, a premier provider of risk management and compliance technology solutions, explores five insights:
1. Key points of the NIST framework for risk management and assessments
2. Navigating the biggest traps in a risk assessment
3. Leveraging the NIST framework when establishing a baseline of controls
4. Interacting with your organization to collect data
5. Considerations when choosing an analysis approach