Part III: Variations on the OCTAVE Approach

Parts I and II of this book focused on the OCTAVE approach and provided detailed guidance on how to conduct the OCTAVE Method. Part III broadens our view in two ways. First, it examines the contextual nature of information security risk evaluations by addressing how to tailor the OCTAVE approach for a variety of operational environments. Next, it looks at how to improve your organization's security posture by implementing the results of the evaluation and managing your information security risks.

Chapter 12 describes a number of ways in which you can tailor the processes, activities, and artifacts of the OCTAVE Method. Chapter 13 highlights examples of how OCTAVE is being applied in a range of operational ...

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Information Security Risks: The OCTAVESM Approach by Christopher Alberts, Audrey Dorofee

Part III: Variations on the OCTAVE Approach

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly