Managing Information Security Risks: The OCTAVE Approach, 1st edition, by Christopher Alberts, Peter Gordon, Audrey Dorofee, John Fuller

Product details:
ISBN 10: 0321118863
ISBN 13: 978-0321118868
Author: Christopher Alberts, Peter Gordon, Audrey Dorofee, John Fuller
From the CERT Coordination Center at the SEI, this book describes OCTAVE, a new method of evaluating information security risk.
- This book is from the CERT Coordination Center and Networked Systems Survivability (NSS) group at the SEI, the Software Engineering Institute at Carnegie Mellon University.
- There is growing interest in OCTAVE. The DOD Medical Health System is one early adopter, and there is also keen interest from the financial sector.
- The authors are the lead developers of the OCTAVE method and are experts in helping organizations manage their own security risks.
Summary: This is a descriptive and process-oriented book on a new security risk evaluation method, OCTAVE. OCTAVE stands for Operationally Critical Threat, Asset, and Vulnerability Evaluation (SM). An information security risk evaluation helps organizations evaluate organizational practice as well as the installed technology base and make decisions based on potential impact.
Author biographies: Christopher Alberts is a senior member of the technical staff in the Networked Systems Survivability Program (NSS) at the SEI, CERT Coordination Center. He is team leader for security evaluations and OCTAVE. Christopher is responsible for developing information security risk management methods, tools, and techniques. Audrey Dorofee is a senior member of the technical staff in the Survivable Network Management Project in the NSS Program at SEI, CERT Coordination Center. CERT is the original computer security incident response center and is internationally recognized as a leading authoritative organization in this area.
Table of contents:
Chapter 1: Introduction to Information Security Risk Management
1.1. The Importance of Information Security
1.2. Information Security as Risk Management
1.3. The Need for a Systematic Approach
1.4. Introduction to the OCTAVE Approach
1.5. The OCTAVE Risk Management Framework
1.6. Structure and Goals of the Book
Chapter 2: Foundations of the OCTAVE Approach
2.1. Overview of OCTAVE
2.2. Goals of OCTAVE
2.3. The Three Phases of OCTAVE
2.4. Stakeholders in OCTAVE Risk Management
2.5. Key Concepts in Risk Management
2.6. Relationship Between Risk, Assets, Threats, and Vulnerabilities
2.7. A Comparison with Other Risk Management Frameworks
Chapter 3: Preparing for an OCTAVE Assessment
3.1. Organizing the Risk Management Process
3.2. Setting the Scope and Objectives of the Assessment
3.3. Identifying Key Stakeholders
3.4. Assembling the Risk Assessment Team
3.5. Collecting the Necessary Resources
3.6. Selecting Tools and Techniques for Data Collection
3.7. Understanding Organizational and Cultural Contexts
Chapter 4: Identifying and Characterizing Assets
4.1. Defining Information Assets
4.2. Identifying and Cataloging Assets
4.3. Categorizing and Prioritizing Assets
4.4. The Role of Asset Valuation in Risk Assessment
4.5. Techniques for Asset Characterization
4.6. Understanding the Criticality and Sensitivity of Assets
Chapter 5: Identifying Threats and Vulnerabilities
5.1. Defining Threats and Vulnerabilities
5.2. Mapping Threats to Assets
5.3. Identifying Vulnerabilities in Systems and Processes
5.4. Techniques for Threat and Vulnerability Identification
5.5. Common Threat Sources: External vs. Internal
5.6. Evaluating the Impact of Threats and Vulnerabilities
Chapter 6: Assessing Risk Using OCTAVE
6.1. The Risk Assessment Process
6.2. The Role of Risk in Information Security
6.3. Calculating Risk: Likelihood and Impact
6.4. Risk Appetite and Tolerance
6.5. Risk Assessment Techniques in OCTAVE
6.6. Analyzing the Likelihood of Threats and Vulnerabilities
6.7. Evaluating and Quantifying Risk Exposure
Chapter 7: Determining Risk Mitigation Strategies
7.1. Identifying and Prioritizing Mitigation Options
7.2. Cost-Benefit Analysis for Security Investments
7.3. Designing Mitigation Plans
7.4. Addressing Threats and Vulnerabilities with Controls
7.5. Organizational and Operational Changes for Risk Reduction
7.6. Creating Risk Treatment Plans
7.7. Implementing and Monitoring Mitigation Strategies
Chapter 8: Implementing the OCTAVE Approach
8.1. Introduction to Implementation Strategies
8.2. Incorporating OCTAVE into the Organization’s Risk Management Process
8.3. Operationalizing OCTAVE
8.4. Communicating with Stakeholders
8.5. The Role of Documentation in the Implementation Process
8.6. Case Studies of OCTAVE Implementation
8.7. Overcoming Challenges and Barriers to Implementation
Chapter 9: Measuring and Evaluating Risk Management Performance
9.1. Importance of Risk Management Metrics
9.2. Key Performance Indicators (KPIs) for Security Risk Management
9.3. Evaluating the Effectiveness of Risk Mitigation Strategies
9.4. Continuous Improvement in Risk Management
9.5. Lessons Learned from OCTAVE Assessments
9.6. Tools and Techniques for Risk Management Evaluation
Chapter 10: Evolving the Risk Management Process
10.1. Ongoing Risk Management: A Continuous Process
10.2. Updating the Risk Assessment as the Environment Changes
10.3. Organizational Changes and Their Impact on Risk
10.4. Incorporating New Threats and Vulnerabilities into the Process
10.5. Future Trends in Information Security Risk Management
10.6. Integrating OCTAVE with Other Risk Management Frameworks