U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST IR 8286D

Using Business Impact Analysis to Inform Risk Prioritization and Response

Date Published: November 2022

Author(s)

Stephen Quinn (NIST), Nahla Ivy (NIST), Julie Chua (U.S. Department of Health and Human Services), Matthew Barrett (CyberESI Consulting Group), Larry Feldman (Huntington Ingalls Industries), Daniel Topper (Huntington Ingalls Industries), Gregory Witte (Huntington Ingalls Industries), Robert Gardner (New World Technology Partners)

Abstract

Keywords

business impact analysis; cybersecurity risk management; cybersecurity risk register; enterprise risk management; information and communications technology
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8286D
Download URL

Supplemental Material:
See NISTIR 8286 Supplemental Material

Other Parts of this Publication:
IR 8286
IR 8286A
IR 8286B
IR 8286C

Document History:
06/09/22: IR 8286D (Draft)
11/17/22: IR 8286D (Final)