Skip to content
Home / Function (NIST CSF 2.0) / ID - Identify / RA - Risks Asst

NIST SP 800-221 Enterprise Impact of Information and Communications Technology Risk: Governing and Managing ICT Risk Programs Within an Enterprise Risk Portfolio

This document focuses on:

NIST SP 800-221 serves as the critical functional bridge between enterprise-level strategy and technical delivery, focusing on the Enterprise Impact of Information and Communications Technology (ICT) Risk. It moves beyond narrow security vulnerabilities to address the broader systemic risks inherent in the modern digital supply chain, such as data integrity, service availability, and asset management. By providing a framework for identifying how ICT failures propagate through business processes, this publication ensures that technical dependencies are transparent and that IT risk is managed as a fundamental component of the organization’s overall risk profile.


Publication's URL

https://csrc.nist.gov/pubs/sp/800/221/final

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

What do you think of this document?

Your email address will not be published. Required fields are marked *