Security Risk Assessment Using Octave Allegro: Part 1: Introduction to Allegro: Rationale and Application

Allen, Julia; Young, Lisa

Security Risk Assessment Using Octave Allegro: Part 1: Introduction to Allegro: Rationale and Application

Active / Technical Report | Accesssion Number: AD1147202 |

Open PDF

Abstract:

OCTAVE's been around for many years, going on ten I think. But it was originally developed for large complex organizations who were looking for a way to evaluate their information security risk, in the context of the operation of the business. And OCTAVE was one of the first evaluation methods to consider security outside of just vulnerability assessment. It has methods to collect information about organizational vulnerabilities, and it also has many volumes of guidance on risk assessment and the principles of risk management.

Author(s):

Allen, Julia ; Young, Lisa

Author Organization(s):

CARNEGIE-MELLON UNIV PITTSBURGH PA

Funding Organization(s):

AIR FORCE LIFE CYCLE MANAGEMENT CENTER HANSCOM AFB MA, HANSCOM AFB , MA

Document Type:

Technical Report/Other

Publication Date:

2008 Jan 01

Pagination:

6

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution Code:

A - Approved For Public Release

Distribution Statement: Public Release

RECORD

Collection: TRECMS

Subject Terms

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

risk analysis, risk, information security, risk management, vulnerability, security, security personnel, software development, commerce, law, test and evaluation, universities, containers, engineering, productivity

Subject Categories:

Behavioral and Social Sciences; Mathematical and Computer Sciences

Creation Date:

2021 Sep 17

Update Date:

2021 Nov 29