Performing an Information Security Risk Assessment

There are many standards and frameworks for performing information security risk assessments. This presentation will detail the various standards and frameworks such as ISO27005, NIST SP 800-30, Factor Analysis of Information Risk (FAIR) etc. Learn from NRECA’s experience on how to identify risks, determine incident scenarios and then how to translate these into actionable risk treatment plans.


  • Richard Condello – Senior Director – NRECA