OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) is a suite of tools, techniques, and methods for risk-based information security strategic assessment and planning. The OCTAVE method is an approach used to assess an organization's information security needs. OCTAVE Allegro is the most recently developed method and is actively supported by the CERT Division. Two older methods, OCTAVE and OCTAVE-S, are still available, but most organizations can use OCTAVE Allegro successfully.
Features and benefits of all OCTAVE methods include the following:
In this three-day training course, participants use a case study to perform each activity in the OCTAVE Allegro method as well as learn about risk assessment preparation, tailoring, and prioritization of identified risks for response. OCTAVE and OCTAVE-S are not covered in the course. This course is also available in eLearning.