A 10-Step Framework for Managing Risk
Software Engineering Institute
Brett Tucker, a technical manager for cyber risk in the SEI CERT Division, discusses the Operationally Critical Threat, Asset, and Vulnerability Evaluation for the Enterprise (OCTAVE FORTE) Model. OCTAVE FORTE is a process model that helps organizations evaluate their security risks and use principles of ERM to bridge the gap between executives and practitioners. In this SEI Podcast, Tucker outlines OCTAVE FORTE's 10-step framework to guide organizations in managing risk.