Strategy that addresses how organizations intend to assess risk, respond to risk, and monitor risk—making explicit and transparent the risk perceptions that organizations routinely use in making both investment and operational decisions. Sources: NIST SP 800-160 Vol. 2 Rev. 1
NIST SP 800-39
Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.
Comments about the glossary's presentation and functionality should be sent to email@example.com.