Audrey Dorofee is a senior member of the technical staff at the Software Engineering Institute.
She has worked in the risk management, information security, and process improvement fields for 19 years. Her current work at the SEI is focused on complex risk management, mission success, CMMI-SVC, and cyber security. Prior to the SEI, she worked for the MITRE Corporation and the National Aeronautics and Space Administration. She has co-authored two books, Managing Information Security Risks: The OCTAVESM Approach (Addison-Wesley 2002) and the Continuous Risk Management Guidebook (Software Engineering Institute 1996).