From the course: Implementing the NIST Risk Management Framework

How to determine in-scope systems

- [Tutor] The purpose of the Risk Management Framework's categorize step is to guide and inform subsequent risk management processes and tasks by determining the adverse impact to the organization with respect to the compromise or loss of organizational assets, including the confidentiality, integrity, and availability of organizational systems and information processed, stored, and transmitted by those systems. This step shows you how to classify the criticality of the information and system according to potential worst-case scenarios with an adverse impact to the organization. Once you've prepared your organization for using the NIST RMF, you can move to the categorize step. This is where you set the scope of your RMF activity, based on the asset's importance to the organization. It's basically grouping the system, or systems, under review for this process. When categorizing your assets, not everything needs to be protected…
