Team LiB   Previous Section   Next Section

Chapter 11. Developing a Protection Strategy—Workshop B (Process 8B)

One of the principles of OCTAVE is setting the foundation for a continuous process. This principle addresses the need to implement the results of an information security risk evaluation, providing the basis for security improvement. If an organization fails to implement the results of an evaluation, it will also fail to improve its security posture.

The second workshop of process 8 marks the end of the OCTAVE Method. Although the formal evaluation process comes to an end, the organization needs to consider what happens after the evaluation. This workshop sets up the transition from conducting the evaluation to implementing the results, to ensure that your organization is in a position to benefit from the whole process.

Section

11.1 Overview of Process 8B

11.2 Before the Workshop: Prepare to Meet with Senior Management

11.3 Present Risk Information

11.4 Review and Refine Protection Strategy, Mitigation Plans, and Action List

11.5 Create Next Steps

11.6 Summary of Part II

    Team LiB   Previous Section   Next Section