Managing Information Security Risks: The OCTAVESM Approach

10.6. Create Action List

In the previous two activities you developed a protection strategy for organizational improvement and risk mitigation plans to reduce the risks to your critical assets. In this activity you look for near-term actions that people in your organization can immediately start to implement. By employing a few simple actions, your organization can start to improve in a few areas. By taking these initial steps toward improvement, your organization can start to build the momentum needed to implement its protection strategy and risk mitigation plans.

Action List

An action list defines any action items that people in your organization can take in the near term without the need for specialized training, policy changes, etc. Because ...

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Information Security Risks: The OCTAVESM Approach by Christopher Alberts, Audrey Dorofee

10.6. Create Action List

Action List

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly