48 HOURS ONLY: Get 2 free months of Insider Pro!

3.4 NIST 800-39 Risk Assessment

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Course
Time
6 hours 30 minutes
Difficulty
Advanced
CEU/CPE
7
Video Transcription
00:01
now we talked about framing risks, right? Putting your risks in context, looking at all the variables that will impact your risk. But what about the other elements of the triangle here at the top? Assess.
00:14
Next we have respond, and then we have monitor, and we see again that all of those elements gonna feed into each other back and forth. Well, if we take a look at risk assessment when we conduct a risk assessment, what we're looking at doing is identifying, estimating and prioritising risk
00:34
as they relate to the organization as a whole or individual missions or assets or whatever.
00:40
And again, we have another risk, Um, framework 800-30 that covers risk assessment in its entirety. So I'm not gonna spend it on the time here, But what we're doing with risk assessment, we're determining a value for the risk. We're collecting information.
01:00
We are analyzing that information, and we want to find out
01:03
with the appropriate mitigation strategy is, and that's what risk assessments do is they drive your risk response
Up Next