OCTAVE-Related Assets
These assets all relate to OCTAVE: What it is, how to use it, and its value.
Abstract
The following assets were developed as part of OCTAVE projects:
Collection Contents
-
OCTAVE FORTE: Establish a More Adaptable and Robust Risk Program
June 29, 2020 • Fact Sheet
This fact sheet describes OCTAVE FORTE and how it updates the original OCTAVE program.
read -
Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process
May 1, 2007 • Technical Report
By Richard A. Caralli, James F. Stevens, Lisa R. Young, William R. Wilson
In this 2007 report, the authors highlight the design considerations and requirements for OCTAVE Allegro based on field experience.
read -
Introduction to the OCTAVE Approach
August 1, 2003 • User's Guide
By Christopher J. Alberts, Audrey J. Dorofee, James F. Stevens, Carol Woody
In this 2003 report, the authors describe the OCTAVE method, an approach for managing information security risks.
read -
Managing Information Security Risks: The OCTAVE Approach
July 9, 2002 • Book
By Christopher J. Alberts, Audrey J. Dorofee
In this book, the authors provide a systematic way to evaluate and manage information security risks through the use of the OCTAVE approach.
read -
Applying OCTAVE: Practitioners Report
May 1, 2006 • Technical Note
By Carol Woody, Johnathan Coleman (No Affiliation), Michael Fancher (No Affiliation), Carol Myers (No Affiliation), Lisa R. Young
In this report, the authors describe how OCTAVE has been used and tailored to fit a wide range of organizational risk assessment needs.
read -
OCTAVE Catalog of Practices, Version 2.0
October 1, 2001 • Technical Report
By Christopher J. Alberts, Audrey J. Dorofee, Julia H. Allen
In this report, the authors describe OCTAVE practices, which enable organizations to identify risks and mitigate them.
read -
Security Risk Assessment Using OCTAVE Allegro
September 16, 2008 • Podcast
By Lisa R. Young, Julia H. Allen
In this podcast, Lisa Young describes OCTAVE Allegro, a streamlined assessment method that focuses on risks to information used by critical business services.
learn more -
OCTAVE Criteria, Version 2.0
December 1, 2001 • Technical Report
By Christopher J. Alberts, Audrey J. Dorofee
This 2001 report defines a general approach for evaluating and managing information security risks.
read -
Order Form for OCTAVE Method Implementation Guide
June 1, 2001 • User's Guide
This order form is used to order an OCTAVE Method Implementation Guide.
read -
Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0
September 1, 1999 • Technical Report
By Christopher J. Alberts, Sandra Behrens, Richard D. Pethia, William R. Wilson
The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a framework for identifying and managing information security risks.
read -
OCTAVE Method Implementation Guide Version 2.0 Volume 1: Introduction
June 1, 2001 • User's Guide
By Christopher J. Alberts, Audrey J. Dorofee
In this report, the authors describe everything you will need to understand and implement OCTAVE method.
read -
OCTAVE Method Implementation Guide Version 2.0 Volume 2: Preliminary Activities
June 1, 2001 • User's Guide
By Christopher J. Alberts, Audrey J. Dorofee
In this list of preliminary activities, the authors describe activities you will complete to implement the OCTAVE method.
read -
OCTAVE-S Implementation Guide, Version 1
January 1, 2005 • Handbook
By Christopher J. Alberts, Audrey J. Dorofee, James F. Stevens, Carol Woody
In this 2005 handbook, the authors provide detailed guidelines for conducting an OCTAVE-S evaluation.
read