NIST releases publications for evaluating enterprise risk targeted at IT, telecom sectors

The National Institute of Standards and Technology has released two draft publications targeted at the information and communications technology sector to help organizations with enterprise risk management.

“The increasing dependency on ICT means that all enterprises must ensure ICT risks receive the appropriate attention along with other risk disciplines – legal, financial, etc. – within their enterprise risk management (ERM) programs. These documents and resources are intended to help ICT risk practitioners at all levels of the enterprise, in private...