Professional Documents
Culture Documents
Risk Determined.
-/ Potential Inputs
Authorization Package
Risk Determination
Organization- and System-Level Risk Assessment Results
-/ Expected Outputs
-/ Primary Responsibility:
Authorizing Official
Authorizing Official Designated Representative
New -
o Implement/Assessment
Existing -
o Operations/Maintenance
CSF ALIGNMENT
ID.RA-6 - Risk Assessment: Risk responses are Identified and Prioritized.
Risk Response
References:
NIST SP 800-30
NIST SP 800-39 - Organization, Mission/Business Process and System Levels
NIST SP 800-160 v1 - Risk Management Process
IR 8062
IR 8179
NIST CSF