GRC 5
Type: Discussion Board
Unit: Choosing a Risk Framework to Manage Risk
Due Date: Tue, 9/3/19
Grading Type: Numeric
Points Possible: 75
Deliverable Length: 400–600 words
Assignment Details
Assignment Description
The Primary Discussion Response is due by Friday (11:59:59pm Central). Peer Responses are due by Tuesday (11:59:59pm Central).
Primary Task Response: Within the Discussion Board area, write 400–600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas.
There are many different standards for analyzing risk for an organization. The International Standards Organization (ISO) has published the 27000 Series related to information and cybersecurity risk. The National Institute of Standards and Technology (NIST) has published various Special Publications related to IT and cybersecurity risk as well as the 800 Series.
Conduct research through your text and other course resources and describe the importance of choosing a risk management framework to align business processes with risk. Describe the following frameworks and how they might apply to an organization attempting to align risk to the computing environment:
· ISO 31000
· ISO 27001
· ISO 27002
· ISO 27005
· NIST SP 800-37
Explain the following terms:
· Vulnerabilities
· Threats
· Impact levels
Responses to Other Students: Respond to at least 2 of your fellow classmates with at least a 100-word reply about their Primary Task Response. To help you with your discussion, please consider the following questions:
· What did you learn from your classmate's posting?
· What additional questions do you have after reading the posting?
· What clarification do you need regarding the posting?
· What differences or similarities do you see between your posting and other classmates' postings?
For assistance with your assignment, please use your text, Web resources, and all course materials.
Reading Assignment
Unit 3: CYBR613 CTU Library Guide
Managing Risk in Information Systems:
· Chapter 3, pgs. 69–81