Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

This is an archive
(replace .gov by .rip)

SP 800-30

Risk Management Guide for Information Technology Systems

Date Published: July 2002

Withdrawn: September 01, 2012

Superseded By: SP 800-30 Rev. 1 (September 2012)
Supersedes: FIPS 31 (June 1974); FIPS 65 (August 1975)

Author(s)

Gary Stoneburner (NIST), Alice Goguen (BAH), Alexis Feringa (BAH)

Abstract

Keywords

cost-benefit analysis; residual risk; risk; risk assessment; risk management; risk mitigation; security controls; threat; vulnerability
Control Families

None selected

Documentation

Publication:
SP 800-30 (DOI)
Local Download

Supplemental Material:
None available