This 146-page workbook provides a methodology and toolset to help you better identify, assess, and manage cybersecurity risks faced by your organization. A properly implemented risk management plan enables your organization to maintain availability of critical infrastructure, and the integrity and privacy of sensitive data while keeping costs low.
The workbook guides you though developing a cybersecurity risk management plan by using a series of fillable worksheets and exercises. It is organized into four parts:
Identify – Identifying your organization’s key terrain and potential adverse events that may impact your information systems or operations. These events could occur in cyberspace, physical space, or both.
Assess – Analyzing and assessing potential adverse events to determine risk.
Manage – Determining how risk is to be addressed given your organization’s resource constraints.
Maintain – Maintaining, implementing, and exercising your risk management plan, and updating it as events occur or situations change.
In addition to the physical workbook, you will also receive access to our digital repository that contains editable soft copies of the worksheets and tools.