0%(2)0% au considerat acest document util (2 voturi)
2K vizualizări4 pagini
Richman Investments provides high-end smartphones to several employees. In the past year, 35 phones were lost or damaged out of 10,000 employees. Calculating the single loss expectancy (SLE) as $500, annual rate of occurrence (ARO) as 35, and annual loss expectancy (ALE) as $17,500. Richman is considering insuring each phone for $25 per year, costing $25,000 total. This would decrease the ARO to 1 and ALE to $2,500, saving $15,000. The realized savings of $10,000 makes the insurance worthwhile.
Richman Investments provides high-end smartphones to several employees. In the past year, 35 phones were lost or damaged out of 10,000 employees. Calculating the single loss expectancy (SLE) as $500, annual rate of occurrence (ARO) as 35, and annual loss expectancy (ALE) as $17,500. Richman is considering insuring each phone for $25 per year, costing $25,000 total. This would decrease the ARO to 1 and ALE to $2,500, saving $15,000. The realized savings of $10,000 makes the insurance worthwhile.
Richman Investments provides high-end smartphones to several employees. In the past year, 35 phones were lost or damaged out of 10,000 employees. Calculating the single loss expectancy (SLE) as $500, annual rate of occurrence (ARO) as 35, and annual loss expectancy (ALE) as $17,500. Richman is considering insuring each phone for $25 per year, costing $25,000 total. This would decrease the ARO to 1 and ALE to $2,500, saving $15,000. The realized savings of $10,000 makes the insurance worthwhile.
NT2580: Unit 6 Quantitative and Qualitative Risk Assessment
Analysis Qualitative Risk Assessment Single loss expectancy (SLE): Total loss expected from a single incident Annual rate of occurrence (ARO): Number of times an incident is expected to occur in a year Annual loss expectancy (ALE): Expected loss for a year ALE = SLE X ARO Safeguard alue: !ost of a safeguard or control Scenario: Ric"man #nestments proides "ig"$end smartp"ones to seeral employees% T"e alue of eac" smartp"one is &'(() and approximately *)((( employees "ae t"ese company$o+ned deices% #n t"e past year) employees "ae lost or damaged ,' smartp"ones% With this information, calculate the following: SLE - .&'((%((........... ARO - ..,'......... ALE - ...&/,)'((%((......... Ric"man is considering buying insurance for eac" smartp"one% 0se t"e ALE to determine t"e usefulness of t"is safeguard% 1or example) Ric"man could purc"ase insurance for eac" deice for &2' per year% T"e safeguard alue is &2' 3 *)((( deices) or &2')(((% #t is estimated t"at if t"e insurance is purc"ased) t"e ARO +ill decrease to '% S"ould t"e company purc"ase t"e insurance4 etermine the effectiveness of the safeguar!: !urrent ALE - ..&/,)'((............ ARO +it" control - ' ALE +it" control - ..2)'((.......... Saings +it" control - ...../')(((...... (!urrent ALE $ ALE +it" control) Safeguard alue (cost of control) - &2')((( Reali5ed saings - ..*()(((........... (Saings +it" control $ safeguard alue) Shoul! Richman "u# the insurance$ E%&lain #our answer' T"e deice are insured lessens t"e annual rate of occurrence by 6(7 and offers a saing of *()(((.............................................................................. .................................................................................... !TT "du#ational $ervi#es %a&e ' Davonte Brown NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis .................................................................................... .................................................................................... ..... !TT "du#ational $ervi#es %a&e 2 Davonte Brown NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis Qualitative Risk Assessment 8robability: T"e li9eli"ood t"at a t"reat +ill exploit a ulnerability% 8robability can use a scale of lo+) medium) and "ig") assigning percentage alues to eac"% #mpact: T"e negatie result if a ris9 occurs% :ou can use lo+) medium) or "ig" to describe t"e impact% :ou can calculate t"e ris9 leel using t"e follo+ing formula: Risk Level = (ro"a"ilit# X )m&act Scenario: Ric"man #nestments is concerned about t"e security of its customer data% ;anagement "as determined t"at t"e t"ree primary ris9s t"e company faces in protecting t"e data are as follo+s: 0naut"ori5ed access by an external party Sabotage by an internal employee <ard+are failures Ric"man "as created scales for t"e probability and impact of ris9s as follo+s: (ro"a"ilit#: Lo+ - *(7) ;edium - '(7) and <ig" - *((7 )m&act: Lo+ - *() ;edium - '() and <ig" - *(( After sureying 9ey indiiduals in t"e company) Ric"man calculated t"e probability and impact of eac" ris9) as s"o+n in t"e table belo+% *ase! on the information given a"ove, calculate the risk level for each risk: +ategor# (ro"a"ilit# )m&act Risk Level 0naut"ori5ed access by an external party 2' '( Sabotage by an internal employee ,' *(( <ard+are failures /( 2' Which risk has the highest risk level$ ......................... (rioriti,e the risks from high to low: 8riority *: 8riority 2: 8riority /: !TT "du#ational $ervi#es %a&e ( Davonte Brown NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis :ou need to present t"e data grap"ically to senior management in t"e form of a ris9 matrix% A sample ris9 matrix is s"o+n belo+: +om&lete the following risk matri% "ase! on #our !ata: !TT "du#ational $ervi#es %a&e )