Chapter 6. Creating Threat Profiles (Process 4)
One of the principles of OCTAVE is to focus on the critical few. In an asset-based evaluation, the term "critical few" refers to your organization's most critical assets. In all subsequent data collection and analysis activities, you use critical assets as the basis for scoping each activity. This underscores the importance of carefully selecting critical assets.
Process 4 completes phase 1 of OCTAVE by consolidating and refining the individual perspectives elicited during the first three processes. You gain insight into how each asset is threatened by examining individual areas of concern in the context of a known range of threats.