Viewing Security Management as a Business Practice, Part 2: Lessons Learned in a Small Nonprofit Organization
- Oct 25, 2002
- Article is provided courtesy of Addison Wesley
Page 1 of 7
Next >
- Viewing Security Management as a Business Practice, Part 3: Integrating Information Security with Business Management
- Viewing Security Management as a Business Practice, Part 2: Lessons Learned in a Small Nonprofit Organization
- Viewing Security Management as a Business Practice, Part 1: Lessons Learned in a Medical Setting
- Security Risk Analysis with OCTAVESM
Sorry, this author hasn't posted any blogs.
From the author of
Managing Information Security Risks: The OCTAVE (SM) Approach
Current approaches for evaluating information-security risks generally focus on the needs of large organizations; few such pragmatic approaches exist for the unique operational environments of small organizations. See how a small nonprofit professional society's security threats affected its business operations.
Introduction
Part 1 of this series illustrated how a mid-sized hospital used the Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVESM) Method to establish the link between security threats and their impact on the hospital's ability to meet its business objectives. This article illustrates how a small nonprofit professional society used OCTAVE to understand how security threats might affect its business operations.
NOTE
Operationally Critical Threat, Asset, and Vulnerability EvaluationSM and OCTAVESM are service marks of Carnegie Mellon University.
Page 1 of 7
Next >
Account Sign In
View your cart