NIST 800-39

NIST SP 800-39

  • Holistic Risk Management: NIST 800-39 emphasizes a holistic view of risk management, considering the organizational, business process, and information system tiers.

  • Three-Tiered Approach: The framework addresses risk management at three levels: organizational, business process, and information system.

  • Beyond Checklist Compliance: Unlike a checklist approach, NIST 800-39 integrates risk management into the company's culture and processes, ensuring a comprehensive understanding of risks.

PreviousGRC FrameworksNextSOC 2

Last updated

Was this helpful?