NT2580 Unit 6 Quantitative And Qualitative Risk Assessment Analysis
Nt2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis
NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis
Qualitative Risk Assessment Single loss expectancy (SLE) : Total loss expected from a single incident Annual rate of occurrence (ARO): Number of times an incident is expected to occur in a year Annual loss expectancy (ALE): Expected loss for a year
ALE = SLE X ARO
Safeguard value: Cost of a safeguard or control
Scenario: Richman Investments provides high-end smartphones to several employees. The value of each smartphone is $500, and approximately 1,000 employees have these company-owned devices. In the past year, employees have lost or damaged 75 smartphones .
With this inforr.nation, calculate the following: SLE • • ARO= _ 75 _ __ _
=- - - - $500.00
ALE= _ _ _ __ $37,500.00
Richman is considering buying insurance for each smartphone. Use the ALE to determine the usefulness of this safeguard. For example, Richman could purchase insurance for each device for $25 per year. The safeguard value is $25 X 1,000 devices, or $25 ,000. It is estimated that if the insurance is purchased , the ARO will decrease to 5. Should the company purchase the insurance?
Determine the effectiveness of the safeguard: Current ALE =
$37,500.00 ARO with control = 5
ALE with control = - - - - -
$35,000.00 Savings with control =
------
$7,500.00
(Current ALE - ALE with control)
Safeguard value (cost of control) = $25,000
Realized savings = _$17,500.00 (Savings with control - safeguard value)
- _____ Should Richman buy the insurance? Explain your answer.
Richman should not purchase the insurance because the projection leaves a negative $17,500.00.
© ITT Educational Services
Page 1
NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis
Qualitative Risk Assessment
Probability: The likelihood that a threat will exploit a vulnerability. Probability can use a
NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis
Qualitative Risk Assessment Single loss expectancy (SLE) : Total loss expected from a single incident Annual rate of occurrence (ARO): Number of times an incident is expected to occur in a year Annual loss expectancy (ALE): Expected loss for a year
ALE = SLE X ARO
Safeguard value: Cost of a safeguard or control
Scenario: Richman Investments provides high-end smartphones to several employees. The value of each smartphone is $500, and approximately 1,000 employees have these company-owned devices. In the past year, employees have lost or damaged 75 smartphones .
With this inforr.nation, calculate the following: SLE • • ARO= _ 75 _ __ _
=- - - - $500.00
ALE= _ _ _ __ $37,500.00
Richman is considering buying insurance for each smartphone. Use the ALE to determine the usefulness of this safeguard. For example, Richman could purchase insurance for each device for $25 per year. The safeguard value is $25 X 1,000 devices, or $25 ,000. It is estimated that if the insurance is purchased , the ARO will decrease to 5. Should the company purchase the insurance?
Determine the effectiveness of the safeguard: Current ALE =
$37,500.00 ARO with control = 5
ALE with control = - - - - -
$35,000.00 Savings with control =
------
$7,500.00
(Current ALE - ALE with control)
Safeguard value (cost of control) = $25,000
Realized savings = _$17,500.00 (Savings with control - safeguard value)
- _____ Should Richman buy the insurance? Explain your answer.
Richman should not purchase the insurance because the projection leaves a negative $17,500.00.
© ITT Educational Services
Page 1
NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis
Qualitative Risk Assessment
Probability: The likelihood that a threat will exploit a vulnerability. Probability can use a