Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a commonly used methodology for risk-based information security assessment and planning. Review the information located at http://www.cert.org/octave/.
From the e-Activity, provide a brief explanation of the Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methods. Explain how they are beneficial for organizations developing their IT risk management approaches.
From the e-Activity, explain how the size of the organization impacts the OCTAVE method utilized. Determine the factors that large organizations, as opposed to small organizations, are most concerned with.
Remember to cite a source using the APA standard
Fennelly, Lawrence, J. Effective Physical Security, 4th Edition. Butterworth-Heinemann, Elsevier, 2012 ISBN 978-0-12-415892-4
Recommended Materials/Resources Please use the following author’s names, book/article titles, Web sites, and/or keywords to search for supplementary information to augment your learning in this subject.
Official (ISC)2 CISSP Training Seminar Handbook. International Information Systems Security Consortium, 2014.
Harris, Shon. All in One CISSP Exam Guide, Sixth Edition. McGraw-Hill, 2013.
Rhodes-Ousley, Mark. The Complete Reference to Information Security, Second Edition. McGraw-Hill, 2013.