IT Risk Management Framework ( ITRM )
IT Risk Management Framework ( ITRM )
Get In Touch
$Overview
Key activities in managing enterprise-level risk—risk resulting from the operation of an information system: 9Categorize the information system 9Select set of minimum (baseline) security controls 9Refine the security control set based on risk assessment 9Document security controls in system security plan 9Implement the security controls in the information system 9Assess the security controls 9Determine agency-level risk and risk acceptability 9Authorize information system operation 9Monitor security controls on a continuous basis