Managing Information Security Risks: The OCTAVESM Approach

3.3. Introduction to the Sample Scenario

As we explore the details of the OCTAVE Method in Chapters 4 to 11, we illustrate major concepts using examples from a running scenario. The organization in the scenario is a fictitious, medium-sized, medical facility called MedSite. MedSite is a hospital with several clinics and labs, some of which are at remote locations. The hospital includes the following functional areas:

A permanent administrative organization
Permanent and temporary medical personnel, including physicians, surgeons, and medical staff
Permanent and temporary maintenance personnel, including facility and maintenance staff
A small information technology department (three people) responsible for on-site computer and network maintenance ...

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Information Security Risks: The OCTAVESM Approach by Christopher Alberts, Audrey Dorofee

3.3. Introduction to the Sample Scenario

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly