Deliverable of the ENISA ad hoc Working Group on National Risk Management Preparedness

This document presents the outcome of an ENISA Working Group on National Risk Management (NRM) preparedness (see the definitions below). It sets out the elements of a framework for the governance of NRM (see definitions) in relation to a country’s Critical Information Infrastructure (CII). As such it deals only with the management of information security risk in those critical information infrastructures, rather than risk management in the broader sense.