OCTAVE enables any organization to develop security priorities based on the organization's particular business concerns. This approach provides a coherent framework for aligning security actions with overall objectives. Managing Information Security Risks, written by the developers of OCTAVE, is the complete and authoritative guide to its principles and implementations. The book provides a systematic way to evaluate and manage information security risks, illustrates the implementation of self-directed evaluations, and shows how to tailor evaluation methods to different types of organizations.
Hardback, 512 pages