Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process

This technical report introduces the next generation of the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology, OCTAVE Allegro. OCTAVE Allegro is a methodology to streamline and optimize the process of assessing information security risks so that an organization...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Caralli, Richard A, Stevens, James F, Young, Lisa R, Wilson, William R
Format:	Report
Sprache:	eng
Schlagworte:	COMPUTER SECURITY RISK MANAGEMENT Computer Systems Management and Standards COMPUTERS INFORMATION RESILIENCY INFORMATION SECURITY METHODOLOGY OCTAVE(OPERATIONALLY CRITICAL THREAT-ASSET-VULNERABILITY EVALUATION) RISK ANALYSIS RISK ASSESSMENT RISK EVALUATION SOFTWARE ENGINEERING THREAT ANALYSIS THREAT EVALUATION VULNERABILITY VULNERABILITY EVALUATION
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	This technical report introduces the next generation of the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology, OCTAVE Allegro. OCTAVE Allegro is a methodology to streamline and optimize the process of assessing information security risks so that an organization can obtain sufficient results with a small investment in time, people, and other limited resources. It leads the organization to consider people, technology, and facilities in the context of their relationship to information and the business processes and services they support. This report highlights the design considerations and requirements for OCTAVE Allegro based on field experience with existing OCTAVE methods and provides guidance, worksheets, and examples that an organization can use to begin performing OCTAVE Allegro-based risk assessments. Prepared in cooperation with ictQATAR. The original document contains color images.