Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0

Abstract

The Operationally Critical Threat, Asset, and Vulnerability Evaluation(SM) (OCTAVE(SM)) is a framework for identifying and managing information security risks. It defines a comprehensive evaluation method that allows an organization to identify the information assets that are important to the mission of the organization, the threats to those assets, and the vulnerabilities that may expose those assets to the threats. By putting together the information assets, threats, and vulnerabilities, the organization can begin to understand what information is at risk. With this understanding, the organization can design and implement a protection strategy to reduce the overall risk exposure of its information assets.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 1999
Accession Number
ADA367718

Entities

People

  • Christopher J. Alberts
  • Richard D. Pethia
  • Sandra G. Behrens
  • William R. Wilson

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Ground and Sea Platforms
  • Human Systems

DTIC Thesaurus Topics

  • Commerce
  • Computer Network Security
  • Cybersecurity
  • Department Of Defense
  • Engineering
  • Homosexuality
  • Information Security
  • Information Systems
  • Infrastructure
  • Network Topology
  • Risk
  • Risk Analysis
  • Risk Management
  • Security
  • Software Development
  • Test And Evaluation
  • Vulnerability

Readers

  • Aviation Safety Risk Assessment.
  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats.
  • Organizational Process Management (OPM).