Discussion
Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a commonly used methodology for risk-based information security assessment and planning.
1. From the e-Activity, provide a brief explanation of the Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methods. Explain how they are beneficial for organizations developing their IT risk management approaches.
2. From the e-Activity, explain how the size of the organization impacts the OCTAVE method utilized. Determine the factors that large organizations, as opposed to small organizations, are most concerned with.
The response should include a reference list. Double-space, using Times New Roman 12 pnt font, one-inch margins, and APA style of writing and citations.
Textbook: Fennelly, Lawrence, J. Effective Physical Security, 4th Edition. Butterworth-Heinemann, Elsevier, 2012 ISBN 978-0-12-415892-4
• Recommended Materials/Resources
Use the following author's names, book/article titles, Web sites, and/or keywords to search for supplementary information to augment your learning in this subject.
• Official (ISC)2 CISSP Training Seminar Handbook. International Information Systems Security Consortium, 2014.
• Harris, Shon. All in One CISSP Exam Guide, Sixth Edition. McGraw-Hill, 2013.
• Rhodes-Ousley, Mark. The Complete Reference to Information Security, Second Edition. McGraw-Hill, 2013.