Octave compliance

Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a risk assessment and management method, used to ensure information systems security. The creators of OCTAVE came from Carnegie Mellon, the renowned American university for IS security and founders of the first CERT, the Computer Emergency Response Team, who specialize in assistance against system intrusion.

OCTAVE comprises 3 phases:

  • Organizational view
    - Assets
    - Threats
    - Organizational vulnerabilities
    - Security requirements
    - Current practices
  • Technological view
    - Key components
    - Technical vulnerabilities
  • Strategy and plan development
    - Risk assessment
    - Risk classification
    - Protection strategy
    - Mitigation plan

IS Decisions provides a range of software solutions that can be used to support OCTAVE methodology:

Action IS Decisions
IS Decisions
IS Decisions solution's features
Key components Know WinReporter Comprehensive hardware, software and system audit for Windows resources
Search, report and archive configuration settings
Report permissions applied to files, folders and shares
Control UserLock Identification of users connected to the environment
Search, report and archive user connectivity
FileAudit Identification of accesses to a file or folder
Search, report and archive file and folder accesses
Technical vulnerabilities Know WinReporter Report applied hotfixes

Share this page: