7.1. Overview of Process 5
Upon completion of process 4 you identified your organization's critical assets and examined the threats to those assets. In process 5 you use this information to determine how to evaluate your organization's computing infrastructure for technology vulnerabilities.
You need to focus on the vulnerability evaluation to complete it in an efficient and effective manner. To understand your risk, you need to collect vulnerability information only on key components relative to the critical assets. Process 5 enables you to identify those key components.
Process 5 Workshop
Process 5 is implemented using the core analysis team members as well as any supplemental personnel that this team decides to include. Since this workshop ...
Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
