NIST SP 800-39
E700393
NIST SP 800-39 is a NIST special publication that provides guidance for managing information security risk at the organizational, mission/business process, and information system levels.
All labels observed (1)
| Label | Occurrences |
|---|---|
| NIST SP 800-39 canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T7934735 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: NIST SP 800-39 Context triple: [NIST SP 800 series, includes, NIST SP 800-39]
-
A.
NIST SP 800-82
NIST SP 800-82 is a NIST cybersecurity guidance document focused on securing industrial control systems and operational technology environments.
-
B.
NIST SP 800-160
NIST SP 800-160 is a National Institute of Standards and Technology cybersecurity engineering guideline that provides systems security engineering principles and practices for developing trustworthy, secure systems.
-
C.
NIST SP 800-115
NIST SP 800-115 is a National Institute of Standards and Technology guideline that provides a technical framework and best practices for conducting information security testing and assessments.
-
D.
NIST SP 800-37
NIST SP 800-37 is a key NIST cybersecurity guideline that defines the Risk Management Framework (RMF) for managing information security and privacy risk in federal information systems.
-
E.
NIST SP 800-218
NIST SP 800-218 is a National Institute of Standards and Technology publication that provides secure software development framework guidance for organizations.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: NIST SP 800-39 Target entity description: NIST SP 800-39 is a NIST special publication that provides guidance for managing information security risk at the organizational, mission/business process, and information system levels.
-
A.
NIST SP 800-82
NIST SP 800-82 is a NIST cybersecurity guidance document focused on securing industrial control systems and operational technology environments.
-
B.
NIST SP 800-160
NIST SP 800-160 is a National Institute of Standards and Technology cybersecurity engineering guideline that provides systems security engineering principles and practices for developing trustworthy, secure systems.
-
C.
NIST SP 800-115
NIST SP 800-115 is a National Institute of Standards and Technology guideline that provides a technical framework and best practices for conducting information security testing and assessments.
-
D.
NIST SP 800-37
NIST SP 800-37 is a key NIST cybersecurity guideline that defines the Risk Management Framework (RMF) for managing information security and privacy risk in federal information systems.
-
E.
NIST SP 800-218
NIST SP 800-218 is a National Institute of Standards and Technology publication that provides secure software development framework guidance for organizations.
- F. None of above. chosen
Statements (45)
| Predicate | Object |
|---|---|
| instanceOf |
NIST Special Publication
ⓘ
information security guideline ⓘ |
| abbreviation | SP 800-39 NERFINISHED ⓘ |
| appliesTo | public sector organizations in the United States ⓘ |
| category |
cybersecurity standard
ⓘ
risk management standard ⓘ |
| countryOfOrigin |
United States of America
ⓘ
surface form:
United States
|
| defines |
organization-wide risk management strategy
ⓘ
risk assessment ⓘ risk framing ⓘ risk management tiers ⓘ risk monitoring ⓘ risk response ⓘ |
| focus |
managing information security risk at the information system level
ⓘ
managing information security risk at the mission/business process level ⓘ managing information security risk at the organizational level ⓘ |
| governingBody | National Institute of Standards and Technology NERFINISHED ⓘ |
| intendedAudience |
chief information officers
ⓘ
information security professionals ⓘ information system owners ⓘ risk executives ⓘ senior leaders ⓘ |
| issuedBy |
Information Technology Laboratory
NERFINISHED
ⓘ
U.S. Department of Commerce NERFINISHED ⓘ |
| language | English ⓘ |
| objective |
to integrate information security risk management into organizational risk management
ⓘ
to promote organization-wide risk-aware decision making ⓘ |
| promotes |
alignment of information security with organizational objectives
ⓘ
continuous monitoring of risk ⓘ tiered approach to risk management ⓘ |
| providesGuidanceFor |
federal agencies
ⓘ
federal information systems ⓘ |
| publicationType | federal information processing guideline ⓘ |
| publisher | National Institute of Standards and Technology NERFINISHED ⓘ |
| relatedTo |
NIST Risk Management Framework
NERFINISHED
ⓘ
NIST SP 800-30 NERFINISHED ⓘ NIST SP 800-37 NERFINISHED ⓘ NIST SP 800-53 NERFINISHED ⓘ |
| scope |
information systems
ⓘ
mission and business processes ⓘ organization-wide information security risk ⓘ |
| series | NIST Special Publication 800-series NERFINISHED ⓘ |
| subject |
information security risk management
ⓘ
risk management framework ⓘ |
| title | Managing Information Security Risk: Organization, Mission, and Information System View NERFINISHED ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: NIST SP 800-39 Description of subject: NIST SP 800-39 is a NIST special publication that provides guidance for managing information security risk at the organizational, mission/business process, and information system levels.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.