Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Question
Chapter 7, Problem 5E
Program Plan Intro
Single loss expectancy:
- The expected monetary loss every time a risk occurs is called the Single Loss Expectancy.
- The Single Loss Expectancy (SLE), Exposure Factor (EF) and Asset Value (AV) are related by the formula:
- SLE = EF * AV
- Introducing this conceptual breakdown of Single Loss Expectancy into Exposure Factor and Asset Value allows us to adjust the two terms independently and is related to risk management and risk assessment.
- Asset Value may vary with market changes, inflation while Exposure Factor can be reduced by enabling preventive measures.
Annualized loss expectancy:
- The product of the single loss expectancy (SLE) and the annual rate of occurrence (ARO) give annualized loss expectancy (ALE).
- It is mathematically expressed as:
- ALE = SLE * ARO
- The important feature of Annualized Loss Expectancy is that it can be used directly in a cost- benefit analysis.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
What is a Containment Strategy in the context of an incident? Give one or two instances and elaborate on them
What is a Containment Strategy for an Incident? Give one example and talk about it.
Describe what the GRANT statement means and how it relates to safety. Are there any restrictions on the privileges that may be bestowed upon someone? What steps must be taken before they may be revoked?
Chapter 7 Solutions
Management Of Information Security
Ch. 7 - Prob. 1RQCh. 7 - Prob. 2RQCh. 7 - Prob. 3RQCh. 7 - Prob. 4RQCh. 7 - Prob. 5RQCh. 7 - Prob. 6RQCh. 7 - Prob. 7RQCh. 7 - Prob. 8RQCh. 7 - Prob. 9RQCh. 7 - Prob. 10RQ
Ch. 7 - Prob. 11RQCh. 7 - Prob. 12RQCh. 7 - Prob. 13RQCh. 7 - Prob. 14RQCh. 7 - Prob. 15RQCh. 7 - Prob. 16RQCh. 7 - Prob. 17RQCh. 7 - Prob. 18RQCh. 7 - Prob. 19RQCh. 7 - Prob. 20RQCh. 7 - Prob. 1ECh. 7 - Prob. 2ECh. 7 - Prob. 3ECh. 7 - Prob. 4ECh. 7 - Prob. 5ECh. 7 - Prob. 6ECh. 7 - Prob. 7ECh. 7 - Prob. 1DQCh. 7 - Prob. 2DQCh. 7 - Prob. 1EDM
Knowledge Booster
Similar questions
- Take the most recent instance of a security flaw involving authentication or access control that was reported in the media. If that is the case, how did it influence the day-to-day operations? Is there a list anywhere that details the specific losses that have been suffered by the company?arrow_forwardhow can the osi model be used when we are selecting security controls?arrow_forwardWhich model coverage is the best compromise between effort and percentage of detected failures? Justify.arrow_forward
- Which four factors have most increased computer-related incidents? Which variables are these?arrow_forwardConsider a high-profile event that occurred recently and included authentication or authorisation. How has it altered day-to-day life, if true? Where can I get a detailed accounting of the company's monetary losses?arrow_forwardWhat specifically are some instances of different scenarios in which overfitting could take place?arrow_forward
- How might XYZ Software Company arrive at the values in the table shown in Exercise 3? For each entry, describe the process of determining the cost per incident and frequency of occurrence.arrow_forwardUsing the list of possible, probable, and definite indicators of an incident, draft a recommen- dation to assist a typical end user in identifying these indicators. Alternatively, using a gra- phics package, such as PowerPoint, create a poster to make the user aware of the key indicators.arrow_forwardConsider a recent incident in the news involving a breach in authentication or access control. If that is the case, how did it effect normal business? Is there a list anywhere that details the specific losses that the corporation has racked up?arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,