The book provides the complete strategic understanding required to create and use the RMF process recommendations for risk management. This holds both for applications of the RMF in corporate training situations and for any individual who wants to obtain specialized knowledge in organizational risk management. It is an all-purpose roadmap of sorts aimed at the practical understanding and implementation of the risk management process as a standard entity. It will enable an "application" of the risk management process as well as the fundamental elements of control formulation within an applied context.
Introduction to Organizational Security Risk Management.
Survey of Existing Risk Management Models.
Step 1 Categorize Information and Information Systems.
Step 2 Select Security Controls.
Step 3 Implement Security Controls.
Step 4 Assess Security Controls.
Step 5 Authorize Information Systems.
Step 6 Monitor Security State.
Practical Application to the Implementation of the NIST Risk Management Framework.
Anne Kohnke, Ken Sigler, Dan Shoemaker