Vulnerability Assessment and Management (VAM)

From CyberEdWiki
Jump to: navigation, search

Vulnerability Assessment and Management conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations. [NIST SP 800-181]

The Vulnerability Assessment and Management NICE Framework Specialty Area contains the following Work Roles: