Process of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threat.
Sources:
CNSSI 4009-2015
under threat assessment
Formal description and evaluation of threat to an information system.
Sources:
NIST SP 800-53 Rev. 5
under threat assessment
from
CNSSI 4009-2015
NIST SP 800-53A Rev. 5
under threat assessment
from
CNSSI 4009-2015
See threat assessment.
Sources:
CNSSI 4009-2015
Formal description and evaluation of threat to a system or organization.
Sources:
NIST SP 800-161r1
under threat assessment
from
NIST SP 800-53 Rev. 5 - adapted