Glossary

R
R&D
RAC
RAM
RAT
RC4
RD
RED
REL
RF
RFC
RFE
RFP
RKV
RL
RMR
RO
ROM
RPM
RQT
RSA
Rsh
RSN
RTI
RTM
RTS
Run
RWX
Risk Management
  • The total process to identify, control, and minimize the impact of uncertain events. The objective of the risk management program is to reduce risk and obtain and maintain DAA approval. The process facilitates the management of security risks by each level of management throughout the system life cycle. The approval process consists of three elements: risk analysis, certification, and approval. (AFR 205-16; AFR 700-10)
  • An element of managerial science concerned with the identification, measurement, control, and minimization of uncertain events. An effective risk management program encompasses the following four phases: a. Risk assessment, as derived from an evaluation of threats and vulnerabilities. b. Management decision. c. Control implementation. d. Effectiveness review. (AR 380-380)
  • The total process of identifying, measuring, and minimizing uncertain events affecting AIS resources. It includes risk analysis, cost benefit analysis, safeguard selection, security test and evaluation, safeguard implementation, and systems review. (DODD 5200.28)
  • The total process of identifying, controlling, and eliminating or minimizing uncertain events that may affect system resources. It includes risk analysis, cost benefit analysis, selection, implementation and test, security evaluation of safeguards, and overall security review. (NCSC-TG-0004-88)