Risk Assessor

Risk Assessor definition in Computer Security terms:

Acronym(s): None

Definition(s): The individual, group, or organization responsible for conducting a risk assessment.
Source(s): CNSSI 4009-2015 (NIST SP 800-30 Rev. 1)
NIST SP 800-30

The individual, group, or organization responsible for conducting a risk assessment.

Risk Executive (Function): An individual or group within an organization that helps to ensure that: (i) security risk-related considerations for individual information systems, to include the authorization decisions, are viewed from an organization-wide perspective with regard to the overall strategic goals and objectives of the organization in carrying out its missions and business functions; and (ii) managing information system-related security risks is consistent across the organization, reflects organizational risk tolerance, and is considered along with other organizational risks affecting mission/business success.
Source(s): NIST SP 800-37 Rev. 1 (NIST SP 800-30)

Synonym(s): None

reference: CSRC Glossary