Chapter 2. Principles and Attributes of Information Security Risk Evaluations

The journey of learning about information security risk evaluations begins with the fundamentals. This chapter presents the principles, attributes, and outputs of the OCTAVE approach, defines the basic characteristics of OCTAVE, and lays the foundation for the more detailed discussions about specific implementations of OCTAVE and information security risk management that come later in this book.

Section 2.1 Introduction 2.2 Information Security Risk Management Principles 2.3 Information Security Risk Evaluation Attributes 2.4 Information Security Risk Evaluation Outputs