The purpose of Special Publication 800-39 is to provide guidance for an integrated organization-wide program for managing information security risk to organizational operations (i.e. mission functions image and reputation) organizational assets individuals other organizations and the Nation resulting from the operation and use of federal information systems. Special Publication 800-39 provides a structured yet flexible approach for managing information security risk that is intentionally broad-based with the specific details of assessing responding to and monitoring risk on an ongoing basis provided by other supporting NIST security standards and guidelines. The guidance provided in this publication is not intended to replace or subsume other risk-related activities programs processes or approaches that organizations have implemented or intend to implement addressing areas of risk management covered by other legislation directives policies programmatic initiatives or mission/business requirements. Source: https://www.artikelschreiber.com/en/.