Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

This is an archive
(replace .gov by .rip)

SP 800-30 Rev. 1

Guide for Conducting Risk Assessments

Date Published: September 2012

Supersedes: SP 800-30 (July 2002)

Author(s)

Joint Task Force Transformation Initiative

Abstract

Keywords

Cost-benefit analysis; residual risk; risk; risk assessment; risk management; risk mitigation; security controls; threat vulnerability
Control Families

Security Assessment and Authorization; Planning; Program Management; Risk Assessment; System and Services Acquisition;