NIST 800-30 Risk Assessment


Risk Assessment requires that Management identify, assess, measure, mitigate, and monitor those risks that may be present due to the type of services offered and the systems employed to deliver those services. Generally scoped out risk assessments are asset focused and qualitative in nature. In a qualitative approach we will assign a rating to each risk and countermeasure that is derived from a consensus opinion of E3 and the organization being tested. We will develop scenarios to lay out the possible threats their potential likelyhood and impact. We then factor in compensating and mitigating controls to determine the residual risk the organization may have in regards to their critical assets.


The NIST 800-30 Risk assessment framework is widely recognized as one of the most comprehensive risk assessment processes. E3 has more than 15 years experience guiding both large and small, state and federal agencies through the NIST 800 30 risk assessment. The key thing to understand is that adopting this framework gives an organization an ongoing process to continually assess and manage risk related to its IT Assets.

Are you interested in E3 Services? Do you want more information or a proposal? For more information or to receive a Request For Proposal questionnaire please contact us toll-free at (866) 585-8324 or via email at webmaster@e3tech.net.
— Exceeding Every Expectation