...

Business Risk in the Permit Context

NIST 800-30: Risk Management Guide for Information Technology Systems defines risk as a function of the likelihood of a given threat-source's exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organization.

Users and functionality
Transactions-data sensitivity and volume

...

| Vulnerability | Threat-source | Intent/Situation | Method | Category of Harm | Likelihood | Impact |
|---|---|---|---|---|---|---|
| Impersonation | Perpetrator | Intentional misrepresentation with intent to defraud | | Inconvenience, distress or damage to standing or reputation | | |
| | | | | Financial loss or agency liability | | |
| | | | | Harm to agency programs or public interest | | |
| | | | | Unauthorized release of sensitive information | | |
| | | | | Civil or criminal violations | | |
| Repudiation | Perpetrator | Repudiation to escape accountability | Signer claims "I didn't sign that" | Inconvenience, distress or damage to standing or reputation | | |
| | | | | Financial loss or agency liability | | |
| | | | | Harm to agency programs or public interest | | |
| | | | | Unauthorized release of sensitive information | | |
| | | | | Civil or criminal violations | | |
| | | | | Inconvenience, distress or damage to standing or reputation | | |
| | | | | Financial loss or agency liability | | |
| | | | | Harm to agency programs or public interest | | |
| | | | | Unauthorized release of sensitive information | | |
| | | | | Civil or criminal violations | | |
| | | | | Inconvenience, distress or damage to standing or reputation | | |
| | | | | Financial loss or agency liability | | |
| | | | | Harm to agency programs or public interest | | |
| | | | | Unauthorized release of sensitive information | | |
| | | | | Civil or criminal violations | | |
| | | | | Inconvenience, distress or damage to standing or reputation | | |
| | | | | Financial loss or agency liability | | |
| | | | | Harm to agency programs or public interest | | |
| | | | | Unauthorized release of sensitive information | | |
| | | | | Civil or criminal violations | | |