U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST IR 8286C

Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight

Date Published: September 2022

Author(s)

Stephen Quinn (NIST), Nahla Ivy (NIST), Matthew Barrett (CyberESI Consulting Group), Gregory Witte (Huntington Ingalls Industries), Robert Gardner (New World Technology Partners)

Abstract

Keywords

cybersecurity risk management; cybersecurity risk measurement; cybersecurity risk register (CSRR); enterprise risk management (ERM); key performance indicator (KPI); key risk indicator (KRI); risk acceptance; risk aggregation; risk avoidance; risk conditioning; risk mitigation; risk optimization; risk prioritization; risk response; risk sharing; risk transfer
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8286C
Download URL

Supplemental Material:
See NISTIR 8286 Supplemental Material

Other Parts of this Publication:
IR 8286
IR 8286A
IR 8286B
IR 8286D
IR 8286D

Document History:
01/26/22: IR 8286C (Draft)
09/14/22: IR 8286C (Final)