OCTAVE FORTE: Connecting the Board Room to Cyber Risk
Organizations need an adaptable and agile process that allow executives to have a real-time view of cyber risks. To address this challenge, the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) process has been assisting organizations to assess their technical risks for the better part of two decades, and the SEI has recently worked to update the process model to manage cyber risks in a manner that is consistent across an entire enterprise. FORTE focuses upon building an Enterprise Risk Management (ERM) program for organizations with nascent risk management programs or improve upon existing programs to drive risk management with a process that spans the entire risk management life cycle from identification through closure.
Audience
This course is targeted to executives, managers, and technical staff who play a decision making role in the enterprise. This may include members of the following functions:
- Security
- Information security
- Information systems
- Strategy
- Risk management
- Operations
Objectives
This course educates participants in the application of the OCTAVE FORTE process. The process consists of ten steps that identify, analyze, and respond to various threats to an enterprise. At the completion of the course, learners will be able to:
- Apply principles of enterprise risk management to their daily activities
- Describe and apply principles of risk management
- Establish governance, risk appetite, and risk related policies that drive an enterprise-wide risk management program
- Implement a standard process for managing risks
- Identify and address relevant threats and opportunities that may impact strategic goals
Topics
- Fundamental Principles of Risk Management
- Frameworks and Standards
- Establishing Risk Governance and Appetite
- Managing Critical Services and Assets
- Gathering Resilience Requirements
- Risk Analysis
- Response Planning
- Measuring Risk Program Effectiveness
Materials
Participants will receive a course notebook and a downloadable copy of course materials, including course slides, supplementary handouts, and exercises.
Prerequisites
This course has no prerequisite requirements.
Dates Offered
Course Fees [USD]
- U.S. Industry: $1,500.00
- U.S. Govt/Academic: $1,200.00
- International: $2,250.00
Schedule
This 2 day course meets at the following times:
Days 1-2, 8:30 a.m. - 4:30 p.m. Eastern Time
This course may be offered by special arrangement at customer sites. For details, please email course-info@sei.cmu.edu or telephone at +1 412-268-1817.
Course Questions?
Email: course-info@sei.cmu.edu
Phone: 412-268-7388
Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.