Performing an Information Security Risk Assessment

There are many standards and frameworks for performing information security risk assessments. This presentation will detail the various standards and frameworks such as NIST Cybersecurity Framework, ISO27005, NIST SP 800-30, Factor Analysis of Information Risk (FAIR) etc. Learn from NRECA’s experience on how to identify risks, determine incident scenarios and then how to translate these into actionable risk treatment plans.


  • Richard Condello – Senior Director, Business Services and Information Security – NRECA