2012 | OriginalPaper | Buchkapitel
Implementation of the OCTAVE Methodology in Security Risk Management Process for Business Resources
verfasst von : Marek Pyka, Ścibor Sobieski
Erschienen in: Internet - Technical Developments and Applications 2
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
One of the most important factors of real live teleinformatic systems are risk management process. The question that arises is how to implement this process in real and big organizations. Every day, most of technological decision maker and financial decision maker are searching methods for secure assets and safe business. In this chapter authors conduct a discussion concerning methodology that improves information management and protection decision making process. The authors describes OCTAVE (The Operationally Critical Threat, Asset, and Vulnerability Evaluation) using real-life examples and reference to the Polish legal regulations. The purpose of the chapter is to present a methodology, which is successfully being employed in Western-Europe countries, United States of America and presents the possibility of using it in Poland, fitting well into the security policies of many organizations. An example of OCTAVE implementation, for small and medium companies, based on Polish law, shall be presented in this article.