Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Report

Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process

  • Abstract

    This technical report introduces the next generation of the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology, OCTAVE Allegro. OCTAVE Allegro is a methodology to streamline and optimize the process of assessing information security risks so that an organization can obtain sufficient results with a small investment in time, people, and other limited resources. It leads the organization to consider people, technology, and facilities in the context of their relationship to information and the business processes and services they support. This report highlights the design considerations and requirements for OCTAVE Allegro based on field experience with existing OCTAVE methods and provides guidance, worksheets, and examples that an organization can use to begin performing OCTAVE Allegro-based risk assessments.

  • Download

Part of a Collection

OCTAVE Related Assets

Cite This Report

SEI

Caralli, Richard; Stevens, James; Young, Lisa; & Wilson, William. Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process (CMU/SEI-2007-TR-012). Software Engineering Institute, Carnegie Mellon University, 2007. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8419

IEEE

Caralli. Richard, Stevens. James, Young. Lisa, and Wilson. William, "Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Report CMU/SEI-2007-TR-012, 2007. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8419

APA

Caralli, Richard., Stevens, James., Young, Lisa., & Wilson, William. (2007). Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process (CMU/SEI-2007-TR-012). Retrieved December 29, 2014, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8419

CHI

Richard Caralli, James Stevens, Lisa Young, & William Wilson. Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process (CMU/SEI-2007-TR-012). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8419

MLA

Caralli, Richard., Stevens, James., Young, Lisa., & Wilson, William. 2007. Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process (Technical Report CMU/SEI-2007-TR-012). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8419