Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0

The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a framework for identifying and managing information security risks. It defines a comprehensive evaluation method that allows an organization to identify the information assets that are important to the mission of the organization, the threats to those assets, and the vulnerabilities that may expose those assets to the threats. By putting together the information assets, threats, and vulnerabilities, the organization can begin to understand what information is at risk. With this understanding, the organization can design and implement a protection strategy to reduce the overall risk exposure of its information assets.

PDF [277 KB]

Authors

Christopher J. Alberts

Sandra Behrens

Richard D. Pethia

William R. Wilson

Technical Report
CMU/SEI-99-TR-017
September 1999

Cite This Report

SEI:

Alberts, Christopher; Behrens, Sandra; Pethia, Richard; & Wilson, William. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 (CMU/SEI-99-TR-017). Software Engineering Institute, Carnegie Mellon University, 1999. http://www.sei.cmu.edu/library/abstracts/reports/99tr017.cfm

IEEE:

C. Alberts, S. Behrens, R. Pethia, and W. Wilson, "Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Report CMU/SEI-99-TR-017, 1999. http://www.sei.cmu.edu/library/abstracts/reports/99tr017.cfm

APA:

Alberts, C., Behrens, S., Pethia, R., & Wilson, W. (1999) . Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 (CMU/SEI-99-TR-017). Retrieved May 24, 2012, from the Software Engineering Institute, Carnegie Mellon University website: http://www.sei.cmu.edu/library/abstracts/reports/99tr017.cfm

CHI:

Alberts, Christopher, Sandra Behrens, Richard Pethia, and William Wilson. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 (CMU/SEI-99-TR-017). Pittsburgh, PA: Software Engineering Insitute, Carnegie Mellon University, 1999. http://www.sei.cmu.edu/library/abstracts/reports/99tr017.cfm

MLA:

Alberts, C., Behrens, S., Pethia, R., & Wilson, W. 1999. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 (Technical Report CMU/SEI-99-TR-017). Pittsburgh: Software Engineering Insitute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/reports/99tr017.cfm

Find Us Here

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us

info@sei.cmu.edu

412-268-5800