Five - Risk Assessment Methodologies - NIST 800-30

While there is no universal IT risk assessment and management methodology, there are several well known methodologies. Some of these methods are listed in table.

Process: To select one of the methodologies. Research the specific method and prepare a brief online report. I have chosen the NIST 800-30 Risk Management Guide for Information Technology Systems Recommendations of NIST.

This report should include one or more of the followings:

• a brief hostory of the methodology
• its major components
• the environment in which it is likely to be utilized