The phase 0 of Risk Management Framework (RMF) is known as strategic risk assessment planning. Which of the following processes take place in phase 0? Each correct answer represents a complete solution. Choose all that apply.
A. Review documentation and technical data.
B. Apply classification criteria to rank data assets and related IT resources.
C. Establish criteria that will be used to classify and rank data assets.
D. Identify threats, vulnerabilities, and controls that will be evaluated.
E. Establish criteria that will be used to evaluate threats, vulnerabilities, and controls.
A. Review documentation and technical data.
B. Apply classification criteria to rank data assets and related IT resources.
C. Establish criteria that will be used to classify and rank data assets.
D. Identify threats, vulnerabilities, and controls that will be evaluated.
E. Establish criteria that will be used to evaluate threats, vulnerabilities, and controls.