Managing Information Security Risks: The OCTAVESM Approach

9.2. Identify the Impact of Threats to Critical Assets

Risk broadens the view of threat by considering how threats ultimately affect an organization. In this activity, you create and record narrative descriptions of potential impacts that can result from threats to your critical assets. As you do this, you establish the link among assets, threats, and what is important to your organization (i.e., your business objectives), providing you with a basis on which you can analyze your risk.

Step 1: Review Information

Before you work though the steps in this activity, you need to review information about your critical assets. This is important, because you are building on information from process 4, which you probably completed a while ago. Specifically, ...

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Information Security Risks: The OCTAVESM Approach by Christopher Alberts, Audrey Dorofee

9.2. Identify the Impact of Threats to Critical Assets

Step 1: Review Information

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly