NIST has a presentation of sorts I have used from their Risk Management Framework website you may want to take a look at... if I understand your questions correctly this may help you out...

-----Original Message-----
From: [] On Behalf Of Mike LeBlanc
Sent: Tuesday, May 06, 2008 2:11 PM
To: Firewall Wizards Security Mailing List
Subject: [fw-wiz] Help With Risk Assessment
Importance: High

I am looking for guidance on creating a matrix for a IT risk assessment.
I am using the methdology from NIST SP 800-30 and am looking for specific
line items to add to the matrix. Any help or pointers you can provide are
appreciated in advance. While looking for something complete I am not
looking for exhaustive (but can pare that down if need be).

Thanks in advance for any help,

firewall-wizards mailing list
firewall-wizards mailing list