OCTAVE(Federal Registration)-S Implementation Guide, Version 1.0, Volume 8: Critical Asset Worksheets for People

Abstract

The Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVEFederal Registration) approach defines a risk-based strategic assessment and planning technique for security. OCTAVE is a self-directed approach, meaning that people from an organization assume responsibility for setting the organization's security strategy. OCTAVE-S is a variation of the approach tailored to the limited means and unique constraints typically found in small organizations (less than 100 people). OCTAVE-S is led by a small, interdisciplinary team (three to five people) of an organization's personnel who gather and analyze information, producing a protection strategy and mitigation plans based on the organization's unique operational security risks. To conduct OCTAVE-S effectively, the team must have broad knowledge of the organization's business and security processes, so it will be able to conduct all activities by itself.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2005
Accession Number
ADA430833

Entities

People

  • Audrey J. Dorofee
  • Carol C. Woody
  • Christopher J. Alberts
  • James R. Stevens

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Human Systems
  • Materials and Manufacturing Processes
  • Weapons Technologies

DTIC Thesaurus Topics

  • Abstracts
  • Availability
  • Classification
  • Commerce
  • Engineering
  • Handbooks
  • Information Operations
  • Information Security
  • Manufacturing
  • Risk
  • Risk Management
  • Security
  • Security Personnel
  • Software Development
  • Translations
  • United States
  • Vulnerability

Readers

  • Cybersecurity.
  • Organizational Process Management (OPM).