Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

ITL Bulletin

Conducting Information Security-Related Risk Assessments: Updated Guidelines for Comprehensive Risk Management Programs

Date Published: October 2012


Shirley Radack (NIST)



confidentiality; cyber security; Federal Information Security Management Act; FISMA; information security; information security risk; information systems; information system life cycle; Joint Task Force Transformation Initiative; NIST Special Publications; risk assessments; risk management; Risk Management Framework; security controls; security management; security requirements; security risks; threats; vulnerabilities
Control Families

None selected


Download (pdf)

Supplemental Material:
None available

Document History:
10/25/12: ITL Bulletin (Final)