Book Review - Managing Information Security Risks:

LogError writes "This book provides a powerful documentation on CERT/CC's Operationally Critical Threat, Asset, and Vulnerability Evaluation. It offers all the information you need to know while thinking about or starting the implementation of the OCTAVE into your organization."