History
- Priority
- must
- Nov 2018
- Removed
- The fundamentals of risk management don’t need to be duplicated within this publication.
- 2017
- Agencies must document identified information security risks, as well as the evaluation ofthose risks and mitigation strategies, in their Security Risk Management Plan.
- 2015
- Agencies must document identified information security risks, as well as the evaluation ofthose risks and mitigation strategies, in their Security Risk Management Plan.