Team LiB   Previous Section   Next Section

Chapter 6. Creating Threat Profiles (Process 4)

One of the principles of OCTAVE is to focus on the critical few. In an asset-based evaluation, the term "critical few" refers to your organization's most critical assets. In all subsequent data collection and analysis activities, you use critical assets as the basis for scoping each activity. This underscores the importance of carefully selecting critical assets.

Process 4 completes phase 1 of OCTAVE by consolidating and refining the individual perspectives elicited during the first three processes. You gain insight into how each asset is threatened by examining individual areas of concern in the context of a known range of threats.


6.1 Overview of Process 4

6.2 Before the Workshop: Consolidate Information from Processes 1 to 3

6.3 Select Critical Assets

6.4 Refine Security Requirements for Critical Assets

6.5 Identify Threats to Critical Assets

    Team LiB   Previous Section   Next Section