Management Of Information Security

6th Edition
WHITMAN + 1 other
Publisher: Cengage Learning,
ISBN: 9781337405713



Management Of Information Security

6th Edition
WHITMAN + 1 other
Publisher: Cengage Learning,
ISBN: 9781337405713
Chapter 7, Problem 3E
Textbook Problem

How could we determine EF if there is no percentage given? Which method is easier for determining the SLE: a percentage of value lost or cost per incident?

Program Plan Intro

Single loss expectancy:

  • The expected monetary loss every time a risk occurs is called the Single Loss Expectancy.
  • The Single Loss Expectancy (SLE), Exposure Factor (EF) and Asset Value (AV) are related by the formula:
    • SLE = EF * AV
  • Introducing this conceptual breakdown of Single Loss Expectancy into Exposure Factor and Asset Value allows us to adjust the two terms independently and is related to risk management and risk assessment.
  • Asset Value may vary with market changes, inflation while Exposure Factor can be reduced by enabling preventive measures.

Annualized loss expectancy:

  • The product of the single loss expectancy (SLE) and the annual rate of occurrence (ARO) give annualized loss expectancy (ALE).
  • It is mathematically expressed as:
    • ALE = SLE * ARO
  • The important feature of Annualized Loss Expectancy is that it can be used directly in a cost- benefit analysis.

Explanation of Solution

Determination of Exposure factor (EF):

  • The exposure factor denotes a loss percentage for a specific asset if a threat is recognized.
  • It denotes a personal value that person measuring risk need to define.
  • It is represented as impact of risk over asset or asset percentage lost.
  • To determine EF when percentage is not given, asset value is to be compared.
  • The asset value that is to be lost is to be computed.
  • Based on asset value lost, exposure factor could be computed.
  • If asset is been entirely lost, exposure factor will be 1...

Still sussing out bartleby?

Check out a sample textbook solution.

See a sample solution

The Solution to Your Study Problems

Bartleby provides explanations to thousands of textbook problems written by our experts, many with advanced degrees!

Get Started

Chapter 7 Solutions

Management Of Information Security
Show all chapter solutions

Additional Engineering Textbook Solutions

Find more solutions based on key concepts
Show solutions add
The standard taper in most lathe tailstocks is the _______ taper.

Precision Machining Technology (MindTap Course List)

What is a typical amperage rating for a residential building?

Engineering Fundamentals: An Introduction to Engineering (MindTap Course List)

Describe the role of a CIO within an organization.

Principles of Information Systems (MindTap Course List)

What is meant by remote control?

Electric Motor Control

Cloud Services Enterprise Software Apps Many companies make use of enterprise software apps to manage customer ...

Enhanced Discovering Computers 2017 (Shelly Cashman Series) (MindTap Course List)

If your motherboard supports ECC DDR3 memory, can you substitute non-ECC DDR3 memory?

A+ Guide to Hardware (Standalone Book) (MindTap Course List)

What is a mixing chamber? Where is it located?

Welding: Principles and Applications (MindTap Course List)