3.2. Mapping Attributes and Outputs to the OCTAVE Method
The OCTAVE Method is consistent with the principles, attributes, and outputs of the OCTAVE approach described in Chapter 2. This section illustrates how the attributes and outputs map to the OCTAVE Method. Since Chapter 2 provided a mapping between principles and attributes, we do not explicitly map the principles to the OCTAVE Method here.
3.2.1. Attributes and the OCTAVE Method
Recall from Chapter 2 that attributes are the distinctive qualities, or characteristics, of the evaluation. They define the basic elements of an information security risk evaluation from both the process and organizational perspectives. Table 3-1 summarizes how each attribute is reflected in the OCTAVE Method. ...
Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.