security risk management Archives

New publication fundamentally changes federal information security risk management

The National Institute of Standards and Technology (NIST) has published the final version of a special publication that can help organizations to more effectively integrate information security risk planning into their mission-critical functions and…

2 publications recommend organization-wide IT security risk management

Two new draft publications from the National Institute of Standards and Technology (NIST) provide the groundwork for a three-tiered risk-management approach that encompasses computer security risk planning from the highest levels of management to th…