NIST SP800-39.pdfINTRODUCTION THE NEED FOR INTEGRA

文件名称: NIST SP800-39.pdf

所属分类: 其它

开发工具:

文件大小: 1mb

下载次数: 0

上传时间: 2020-02-14

提供者: sam****

下载 (1mb)

不能下载？报告错误

详细说明：INTRODUCTION THE NEED FOR INTEGRATED ORGANIZATION-WIDE RISK MANAGEMENT nformation technology is widely recognized as the engine that drives the U.S. economy, giving industry a competitive advantage in global markets, enabling the federal government to provide better services to its citizens, and facilitating greater productivity as a nation. Organizations5 in the public and private sectors depend on technology-intensive information systems6 to successfully carry out their missions and business functions. Information systems can include diverse entities ranging from high-end supercomputers, workstations, personal computers, cellular telephones, and personal digital assistants to very specialized systems (e.g., weapons systems, telecommunications systems, industrial/process control systems, and environmental control systems). Information systems are subject to serious threats that can have adverse effects on organizational operations (i.e., missions, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation by exploiting both known and unknown vulnerabilities to compromise the confidentiality, integrity, or availability of the information being processed, stored, or transmitted by those systems. Threats to information and information systems can include purposeful attacks, environmental disruptions, and human/machine errors and result in great harm to the national and economic security interests of the United States. Therefore, it is imperative that leaders and managers at all levels understand their responsibilities and are held accountable for managing information security risk—that is, the risk associated with the operation and use of information systems that support the missions and business functions of their organizations.

(系统自动生成,下载前可以参看下载内容)