OCTAVE(Trademark)-S Implementation Guide, Version 1.0, Volume 5: Critical Asset Worksheets for Information

Abstract

The Operationally Critical Threat, Asset, and Vulnerability Evaluation(SM) (OCTAVE(Trademark)) approach defines a risk-based strategic assessment and planning technique for security. OCTAVE is a self-directed approach, meaning that people from an organization assume responsibility for setting the organization's security strategy. OCTAVE-S is a variation of the approach tailored to the limited means and unique constraints typically found in small organizations (less than 100 people). OCTAVE-S is led by a small, interdisciplinary team (three to five people) of an organization's personnel who gather and analyze information, producing a protection strategy and mitigation plans based on the organization's unique operational security risks. To conduct OCTAVE-S effectively, the team must have broad knowledge of the organization's business and security processes so it will be able to conduct all activities by itself. This document is Volume 5 of the OCTAVE-S Implementation Guide, a 10-volume handbook supporting the OCTAVE-S methodology. This volume provides worksheets to document data related to critical assets that are categorized as information.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2005
Accession Number
ADA430805

Entities

People

  • Audrey J. Dorofee
  • Carol C. Woody
  • Christopher J. Alberts
  • James R. Stevens

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Accidents
  • Application Software
  • Commerce
  • Communication Systems
  • Computers
  • Denial Of Service Attack
  • Department Of Defense
  • Engineering
  • Infrastructure
  • Natural Disasters
  • Physical Security
  • Power Supplies
  • Risk
  • Security
  • Software Development
  • Trojan Horse
  • Vulnerability

Readers

  • Organizational Process Management (OPM).