In this three-day course, participants learn to perform information security risk assessments using the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Allegro method.
The OCTAVE Allegro approach provides organizations a comprehensive methodology that focuses on information assets in their operational context. Risks are identified and analyzed based on where they originate, at the points where information is stored, transported, and processed. By focusing on operational risks to information assets, participants learn to view risk assessment in the context of the organization's strategic objectives and risk tolerances.
For organizations required to be compliant with PCI-DSS v2.0, OCTAVE Allegro satisfies the requirement for an annual risk assessment outlined in paragraph 12.1.2 of the standard.
Through lectures, class exercises, and discussions, the course covers the OCTAVE-prescribed activities for risk identification, analysis, and response. After completing the course, attendees will be able to use OCTAVE Allegro to
This course will help participants to
There are no prerequisites for this course.
Participants will receive:
This three-day course meets at the following times:
Day 1, 8:30 a.m.-4:30 p.m.
Day 2, 8:30 a.m.-4:30 p.m.
Day 3, 8:30 a.m.-4:00 p.m.
Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials.
Course Fees [USD]
U.S. Industry: $1900
U.S. Government/Academic: $1525
Carnegie Mellon University/Software Engineering Institute offices will be closed for winter break, December 23, 2016-January 2, 2017. SEI course registrations received during this period will be confirmed and enrollment completed on January 3, 2017.
This course may be offered by special arrangement at customer sites.