Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Managing Information Security Risk: Organization, Mission, and Information System View

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-39, Integrated Enterprise-Wide Risk Management: Organization, Mission and Information System View. This publication was developed by the Joint Task Force Transformation Initiative, a joint partnership among the Department of Defense, the Intelligence Community, NIST, and the Committee on National Security Systems. SP 800-39 provides a structured, yet flexible approach for managing risk that is supported by other NIST security standards and guidelines. The bulletin discusses the contents of the publication, explains the basic concepts and components of risk management, and describes a three-tiered risk management approach that allows organizations to establish an enterprise-wide risk management strategy as part of their governance structure. References are provided to additional sources of information on risk management.
Citation
ITL Bulletin -

Keywords

confidentiality, cyber security, enterprise architecture, Federal Information Processing Standards, Federal Information Security Management Act, FISMA, information security, information security architecture, information security risk, information systems, Joint Task Force Transformation Initiative, NIST Special Publications, risk assessments, risk management, Risk Management Framework, security controls, security plans, security requirements, security risks, threats, vulnerabilities
Created March 22, 2011, Updated January 27, 2020