Guiding Questions

Outputs

References and resources for Data Assessment

Data Assessment:

• Activity: "Backup Matrix: Creating an Information Map" (LevelUp)

• Activity: ["Identifying and prioritizing your organization’s

information types "](http://csrc.nist.gov/publications/nistir/ir7621/nistir-7621.pdf#page=18) (NISTIR 7621)

• Guide: "Data Risk Checker: Categorizing harm levels on knowledge assets to inform mitigation and protection" (Responsible Data Forum wiki)

• Guide: "Awareness and Training" (Information Security Handbook: A Guide for Managers - NIST 800-100)

• Guide: "Managing Information Security Risk: Organization, Mission, and Information System View" (NIST 800-39)

• Guide: "Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" (NIST 800-122)