5.4. Identify Security Requirements for Most Important Assets
In OCTAVE you are ultimately trying to create a protection strategy and risk mitigation plans geared toward protecting your organization's critical assets. To protect critical assets, you must first establish what is important about each of those assets. Then you can determine to what extent you will protect each asset.
At this point in the workshop, participants discuss what qualities are important about the assets that they have identified. In many cases you will find that an asset is identified as important to more than one organizational level. However, the quality of the asset that is most valued might differ among participants from different levels. It is important to understand ...
Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
