You need to have JavaScript enabled in order to access this site.

Perform a risk assessment.

Performance includes identifying risks within an ICS. Performance should consider the effects of unmitigated risks (e.g., system downtime and financial effects).

Teacher Resources:

Guide for Conducting Risk Assessments (NIST SP 800-30) (https://csrc.nist.gov/publications/detail/sp/800-30/rev-1/final Links to an external site.)
Managing Information Security Risk: Organization, Mission, and Information System View (NIST SP 800-39) (https://csrc.nist.gov/publications/detail/sp/800-39/final Links to an external site.)
The factor analysis information risk (FAIR) Institute (https://www.fairinstitute.org/ Links to an external site.)

Process/Skill Questions:

Why is system downtime detrimental?
Why are risk assessments important? What resources may assist with a risk assessment?
Who should be involved in a risk assessment?