The National Institute of Standards and Technology (NIST) 800-30 is a special publication designed to provide guidance on risk assessments for federal information systems and organizations. The risk assessments help organizations plan their security strategies and map out areas for improvement and IT security investments.
NIST 800-30 is specifically used to translate cyber risk in a way that can be understood by upper management.
