Managing Information Security Risks: The OCTAVESM Approach

3.2. Mapping Attributes and Outputs to the OCTAVE Method

The OCTAVE Method is consistent with the principles, attributes, and outputs of the OCTAVE approach described in Chapter 2. This section illustrates how the attributes and outputs map to the OCTAVE Method. Since Chapter 2 provided a mapping between principles and attributes, we do not explicitly map the principles to the OCTAVE Method here.

3.2.1. Attributes and the OCTAVE Method

Recall from Chapter 2 that attributes are the distinctive qualities, or characteristics, of the evaluation. They define the basic elements of an information security risk evaluation from both the process and organizational perspectives. Table 3-1 summarizes how each attribute is reflected in the OCTAVE Method. ...

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Information Security Risks: The OCTAVESM Approach by Christopher Alberts, Audrey Dorofee

3.2. Mapping Attributes and Outputs to the OCTAVE Method

3.2.1. Attributes and the OCTAVE Method

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly