Managing Information Security Risks: The OCTAVESM Approach

13.5. Large and Small Organizations

We now examine how a professional society comprising organizations of various sizes intends to implement OCTAVE. The central office of the society wants to use different implementations of OCTAVE to manage information security risks collaboratively among its members.

The Professional Society

Figure 13-5 depicts a professional society that is a loosely interconnected organization. The central organization is large, and it provides services to many small member companies. The professional society's central office has about 400 employees, including 40 information technology professionals. There are several thousand organizations affiliated with the society. The key objective of the central office is to provide ...

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Information Security Risks: The OCTAVESM Approach by Christopher Alberts, Audrey Dorofee

13.5. Large and Small Organizations

The Professional Society

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly