U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-30

Risk Management Guide for Information Technology Systems

Date Published: July 2002

Supersedes: FIPS 65 (08/01/1979); FIPS 31 (06/01/1974)

Author(s)

Gary Stoneburner (NIST), Alice Goguen (BAH), Alexis Feringa (BAH)

Abstract

Keywords

cost-benefit analysis; residual risk; risk; risk assessment; risk management; risk mitigation; security controls; threat; vulnerability
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-30
Download URL

Supplemental Material:
None available

Document History:
07/01/02: SP 800-30 (Final)