About OCTAVE

OCTAVE Tailoring:
Keys to Success

OCTAVE Training

OCTAVE Tools and Templates

 

  


OCTAVE© Training

Where can we get OCTAVE training? <contact>
OCTAVE training can be delivered by our trained professionals as part of an initial OCTAVE on-site evaluation, where we aim to achieve knowledge transfer, and train your own team to undertake subsequent Risk Evaluations as part of an ongoing Risk Management Program. Our training options include:

  • On-site Just-In-Time Training
    (delivered as part of an on-site facilitated OCTAVE engagement)

  • On-Site Classroom Training
    (tailored to your industry, delivered as a 2 day or 3 day training program)

  • Traditional OCTAVE Training

  • Development of Customer Specific Tools and Templates

  • Development of On-line, Multi-media and Video Training Materials

SecurityRiskSolutions has qualified Instructors
SecurityRiskSolutions staff has trained over 400 individuals in the OCTAVE methodology. Our lead instructor is a Visiting Scientist at the SEI/CERT, and represents the SEI in the research, development and training of OCTAVE and related methodologies. This includes delivery as an instructor for the SEI's public OCTAVE training courses in Pittsburgh PA and Washington DC.

Text Box: We maintain certified professionals who have not only attended the SEI's OCTAVE "Train the Trainer" program, but who teach it for them. In addition to our private course offerings, we deliver OCTAVE training and OCTAVE Instructor Training at the SEI, for the SEI.

OCTAVE Training Course Differentiators: 
Why you should consider us for your training needs.

  • Training Experience: Have trained staff from over 200 facilities from the  private sector and the government.  We have been actively conducting OCTAVE training since 2001.
  • Implementation Experience: Our instructors have years of experience not only in teaching, but with Risk Assessment, Information Security and OCTAVE real-life engagements.
  • Tailoring: Once of the keys to success in OCTAVE is knowing how to tailor the methodology to suit your needs. We have first hand experience in this area, having tailored OCTAVE specifically for Government Agencies and large, public traded companies.  Tailoring is included in every module of our training, not just as a "quick session" at the end.

  • 2 or 3 Day Course Agenda: We offer a 2 day class which contains "everything you need and nothing you don't". This allows you to minimize the impact on your staff during the work week. 3 day courses are also available if desired.

Who should attend this course?
Interdisciplinary analysis teams (typically 3-5 individuals) that will lead and perform security risk evaluations for an organization using the OCTAVE Method, or individuals who would like an in-depth understanding of the OCTAVE approach and methods.

Course Description
The Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE) Training Workshop can be delivered as a two-day or a three-day workshop. It is designed for interdisciplinary analysis teams that will lead and perform organizationally focused information security risk evaluations.

OCTAVE is a self-directed risk evaluation that provides organizations with control over security risks; balances critical information assets, business needs, threats, and vulnerabilities; and benchmarks organizations against known or accepted best practices for security. This course covers the OCTAVE approach, OCTAVE Method, and preparation for implementing the methods. Specific guidelines for tailoring the method are presented during each module of the training, and also in a general "tailoring" session towards the end of the course.

Course Objectives
The OCTAVE Training Workshop will help attendees understand the purpose of the OCTAVE approach and the key characteristics of the methods, be ready to use the OCTAVE implementation guides and do an evaluation, understand how to get started and when to tailor the process and artifacts to meet their unique organizational needs.

Course Topics Include:

  • Introduction to the OCTAVE approach

  • Detailed training on the OCTAVE Method, use case study material and/or organizational specific data

  • Preparation for OCTAVE

  • Summary review of OCTAVE processes

  • Tailoring OCTAVE to meet your organization's needs

Prerequisites
Workshop attendees should represent business/mission and/or IT perspectives and
have knowledge of business and/or IT processes of their organization.

Schedule
The OCTAVE Training Workshop is a two or three-day course. The schedules can be adjusted but typically the 2 day course runs from 8:00 a.m.-5:00 p.m. and the 3 day course runs from 9:00 am to 4:00 pm

 

RESOURCES:

Visit our main OCTAVE page for more general information.

Visit our Keys to Success for more information regarding tailoring and an example of an engagement approach.

Visit our OCTAVE Tools page to learn about our tools and templates.

Visit our Papers and Publications page for more OCTAVE Resources.

Contact us for a no obligation discussion and to obtain examples of training class agenda and schedule

 

CERT and CERT Coordination Center are registered in the U.S. Patent and Trademark Office by Carnegie Mellon University

© 2007 Security Risk Solutions, Inc.  All Rights Reserved

  
  • Over 400 Individuals Trained
  • Tailored to Your Specific Needs
  • Instruction by Certified, Experienced OCTAVE Experts