Risk assessment expert witnesses may opine on risk management, risk management plans, and the risk management process. In Comprehensive Risk Assessment Guidance for Federal Information Systems, the National Institute of Standards and Technology writes:
Risk assessment is the topic of the newest special publication from the National Institute of Standards and Technology. Guide for Conducting Risk Assessments, an extensive update to its original 2002 publication, is the authoritative source of comprehensive risk assessment guidance for federal information systems, and is open for public comments through November 4.