NIST SP 800-30
E532551
NIST SP 800-30 is a National Institute of Standards and Technology guidance document that provides a structured methodology for conducting risk assessments in information security.
All labels observed (1)
| Label | Occurrences |
|---|---|
| NIST SP 800-30 canonical | 2 |
How this entity was disambiguated
This entity first appeared as the object of triple T5562059 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: NIST SP 800-30 Context triple: [Special Publications, hasPart, NIST SP 800-30]
-
A.
NIST SP 800-67
NIST SP 800-67 is a NIST Special Publication that provides technical guidance and recommendations for the use and implementation of the Triple Data Encryption Algorithm (TDEA/3DES) in federal information systems.
-
B.
NIST SP 800 series
The NIST SP 800 series is a collection of special publications from the U.S. National Institute of Standards and Technology that provide guidelines, recommendations, and technical specifications for information security and risk management.
-
C.
ISO/IEC 27005
ISO/IEC 27005 is an international standard that provides guidelines for information security risk management within an organization’s overall information security management system.
-
D.
ISO/IEC 27035
ISO/IEC 27035 is an international standard that provides guidelines and best practices for managing and responding to information security incidents within organizations.
-
E.
ISO/IEC 27003
ISO/IEC 27003 is an international standard that provides guidance on implementing and managing an information security management system (ISMS) in accordance with ISO/IEC 27001.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: NIST SP 800-30 Target entity description: NIST SP 800-30 is a National Institute of Standards and Technology guidance document that provides a structured methodology for conducting risk assessments in information security.
-
A.
NIST SP 800-67
NIST SP 800-67 is a NIST Special Publication that provides technical guidance and recommendations for the use and implementation of the Triple Data Encryption Algorithm (TDEA/3DES) in federal information systems.
-
B.
NIST SP 800 series
The NIST SP 800 series is a collection of special publications from the U.S. National Institute of Standards and Technology that provide guidelines, recommendations, and technical specifications for information security and risk management.
-
C.
ISO/IEC 27005
ISO/IEC 27005 is an international standard that provides guidelines for information security risk management within an organization’s overall information security management system.
-
D.
ISO/IEC 27035
ISO/IEC 27035 is an international standard that provides guidelines and best practices for managing and responding to information security incidents within organizations.
-
E.
ISO/IEC 27003
ISO/IEC 27003 is an international standard that provides guidance on implementing and managing an information security management system (ISMS) in accordance with ISO/IEC 27001.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
NIST Special Publication
ⓘ
information security standard ⓘ risk assessment guideline ⓘ |
| appliesTo |
federal information systems
ⓘ
information systems ⓘ information technology ⓘ |
| author | National Institute of Standards and Technology NERFINISHED ⓘ |
| countryOfOrigin |
United States of America
ⓘ
surface form:
United States
|
| defines |
impact
ⓘ
likelihood ⓘ risk ⓘ risk assessment process ⓘ risk factors ⓘ threat events ⓘ threat sources ⓘ vulnerabilities ⓘ |
| field |
cybersecurity
ⓘ
information security ⓘ risk management ⓘ |
| focusesOn | risk assessment ⓘ |
| language | English ⓘ |
| objective |
to provide guidance for conducting risk assessments of federal information systems
ⓘ
to support effective information security risk management ⓘ |
| partOf | NIST Special Publication 800 series NERFINISHED ⓘ |
| provides |
guidance for determining impact of adverse events
ⓘ
guidance for determining likelihood of adverse events ⓘ guidance for determining risk levels ⓘ guidance for identifying threats ⓘ guidance for identifying vulnerabilities ⓘ structured methodology for conducting risk assessments ⓘ |
| publisher | National Institute of Standards and Technology NERFINISHED ⓘ |
| recommends |
documenting risk assessment results
ⓘ
ongoing monitoring of risk ⓘ periodic risk assessments ⓘ |
| relatedTo |
FIPS 199
NERFINISHED
ⓘ
FIPS 200 NERFINISHED ⓘ NIST SP 800-37 NERFINISHED ⓘ NIST SP 800-39 NERFINISHED ⓘ |
| supports | NIST Risk Management Framework NERFINISHED ⓘ |
| targetAudience |
information system security officers
ⓘ
risk executives ⓘ senior information security officers ⓘ system owners ⓘ |
| usedBy |
federal agencies
ⓘ
information security practitioners ⓘ risk managers ⓘ |
| usedFor |
conducting information security risk assessments
ⓘ
supporting risk-based decision making ⓘ supporting system authorization decisions ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: NIST SP 800-30 Description of subject: NIST SP 800-30 is a National Institute of Standards and Technology guidance document that provides a structured methodology for conducting risk assessments in information security.
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.