Process of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threat.
Sources:
CNSSI 4009-2015
under threat assessment
NIST SP 800-30 Rev. 1
under Threat Assessment
from
CNSSI 4009
NIST SP 800-39
under Threat Assessment
from
CNSSI 4009
NISTIR 7622
from
CNSSI 4009
Formal description and evaluation of threat to an information system.
Sources:
NIST SP 800-18 Rev. 1
under Threat Assessment
from
CNSSI 4009
NIST SP 800-53 Rev. 5
under threat assessment
from
CNSSI 4009-2015
NIST SP 800-53A Rev. 5
under threat assessment
from
CNSSI 4009-2015
See threat assessment.
Sources:
CNSSI 4009-2015
under threat analysis
Formal description and evaluation of threat to a system or organization.
Sources:
NIST SP 800-161r1-upd1
[11/1/2024 errata update]
under threat assessment
from
NIST SP 800-53 Rev. 5 - adapted