Question: The NIST Risk Management Framework ( SP - 8 0 0 - 3 7 Rev . 1 ) uses three tiers to describe integration across

The NIST Risk Management Framework (SP-800-37 Rev.1) uses three tiers to describe integration across an organization and vertically between strategic risks and tactical (operational) risks. Which of the following is not one of those tiers?
Question 20 options:
Organization (governance)
Information System (environment of operation)
Mission/Business Process (information & information flow)
System Development/Operation (security lifecycle)

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related General Management Questions!

Q:

Management must understand what needs to change. A culture of performance excellence is very different from a traditional management culture. Many traditional practices stem from the fundamental...

Q:

QUESTIONS: CASE BARRICK GOLD INTEGRATING ESG INTO THE (POST-MERGER) EXECUTIVE PERFORMANCE SCORECARDPlease, give recommendations to the balance scorecard. How do you see de merger? Which are your...

Q:

QUESTIONS: CASE BARRICK GOLD INTEGRATING ESG INTO THE (POST-MERGER) EXECUTIVE PERFORMANCE SCORECARDPlease, give recommendations to the balance scorecard. The proposed metrics for a revised executive...

Q:

Even though strategic planning in a digital age has a shorter time horizon than in the past ( i . e . , 3 - year goals instead of 1 0 - year goals ) , you should still have a long - range vision to...

Q:

Write a report for MYOB Group Limited, it should including: Budgets and Performance Measures 1. Look for your company's mission statement or statement that sets out the overall philosophy and...

Q:

WELLS FARGO & COMPANY March 16, 2016 Dear Stockholder, The 2016 annual meeting of stockholders of Wells Fargo & Company will be held on April 26, 2016 at 8:00 a.m., Mountain Standard Time, at the...

Q:

Spotlighting opportunities for business in Africa and strategies to succeed in the world's next big growth market Acha Leke @achaleke - Senior Partner and Chairman of Africa Region, McKinsey &...

Q:

Information Security Risk Management ITC6315 Assignment 2 Assignment For this exercise, read the provided case study about AcmeHealth, and rate the risk exposure for each finding related to the...

Q:

Sustainability & Corporate Social Responsibility at GE \"GE should be commended for a bold approach to climate issues. However, the company has a long way to go before it can legitimately claim to be...

Q:

You are charged with designing an occupational health and safety compliance training program for generic company--see Dyson article copied below: Choose a company in any of the following industries:...

Q:

Reno entered into a contract with his 17- year- old son by which the son agreed to support the father in consideration of the fathers transfer of certain property to the son immediately. The son...

Q:

The best Promotion method in B2B sales channel is: A. Advertising a lot on television B. Giving the client a discount if they purchase more than 10 products C. Building a trustful relationship with...

Q:

According to the Intercollegiate Athletics Department Agreed-Upon Procedures (AUP) Report for 2023, how much revenue did the University of Utah Athletics Department receive from student fees (please...

Q:

Bond X is noncallable and has 20 years to maturity, a 9% annual coupon, and a $1,000 par value. Your required return on Bond X is 12%; if you buy it, you plan to hold it for 5 years. You (and the...