Help Net Security: Managing Information Security Risks: The OCTAVE Approach [Book Review]

[ Thanks to LogError for this link. ]

"From the title of this book, 'Managing Information Security Risks: The OCTAVE Approach,' you can see that the book will cover specific issues regarding usage of the well known OCTAVE method. OCTAVE, which stands for Operationally Critical Threat, Asset, and Vulnerability Evaluation, enables an organization to sort through the complex web of organizational and technological issues to understand and address its informational security risks. This comprehensive and self-directed approach to information security risk evaluations is meant to put organizations in charge; balance critical information assets, business needs, threats, and vulnerabilities; measure the organization against known or accepted good security practices and establish an organization-wide protection strategy and information security risk mitigation plans..."

Complete Story

Related Stories:

• Help Net Security: Halting the Hacker: A Practical Guide to Computer Security, 2/e [Book Review](Jan 21, 2003)
• Help Net Security: Enterprise Security: The Manager's Defense Guide [Book Review](Dec 04, 2002)
• LinuxPlanet: Security Expert Gives Operating Systems Poor Security Grade(Oct 14, 2002)