Chapter 2. Principles and Attributes of Information Security Risk Evaluations

The journey of learning about information security risk evaluations begins with the fundamentals. This chapter presents the principles, attributes, and outputs of the OCTAVE approach, defines the basic characteristics of OCTAVE, and lays the foundation for the more detailed discussions about specific implementations of OCTAVE and information security risk management that come later in this book.

Section

2.1 Introduction

2.2 Information Security Risk Management Principles

2.3 Information Security Risk Evaluation Attributes

2.4 Information Security Risk Evaluation Outputs

Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.