NIST SP 800 30 Flow Chart
Upcoming SlideShare
Loading in...5
×
 

NIST SP 800 30 Flow Chart

on

  • 672 views

NIST SP 800 30 Flow Chart

NIST SP 800 30 Flow Chart

Statistics

Views

Total Views
672
Views on SlideShare
670
Embed Views
2

Actions

Likes
1
Downloads
7
Comments
0

1 Embed 2

http://www.linkedin.com 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-ShareAlike LicenseCC Attribution-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

NIST SP 800 30 Flow Chart NIST SP 800 30 Flow Chart Document Transcript

  • Risk Assessment Activities Output Step 1. System Characterization •System Boundary •System Functions •System and Data •Criticality •System and Data •Sensitivity •History of system attack (________) •Data from IM -30 & CI Step 2. Threat Identification Threat Statement •Reports from prior risk assessments •Any audit comments •Security requirements •Security test results Step 3. Vulnerability Identification List of Potential Vulnerabilities Step 4. Control Analysis List of Current and Planned Controls Step 5. Likelihood Determination Likelihood Rating Step 6. Impact Analysis •Loss of Integrity •Loss of Availability •Loss of Confidentiality Impact Rating Step 7. Risk Determination Risks and Associated Risk Levels Step 8. Control Recommendations Recommended Controls Input •Hardware •Software •System interfaces •Data and information •People •System mission •Current controls •Planned controls •Threat source motivation •Threat capacity •Nature of vulnerability •Current controls •Mission impact analysis •Asset criticality assessment •Data criticality •Data sensitivity •Likelihood of threat exploitation •Magnitude of impact •Adequacy of planned or current controls Step 9. Results Documentation Risk Assessment Report