Cost benefit analysis (cba)-information security, Computer Network Security

Assignment Help:

Cost Benefit Analysis (CBA)

The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which are to be protected and the loss in value if those assets are compromised. The formal manner to document this is called as cost benefit analysis or economic feasibility study. Items which impact cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with vulnerability. Asset valuation is the process of assigning financial value or worth to every information asset; there are several components to asset valuation.

Once worth of various assets is anticipated, potential loss from exploitation of vulnerability is examined. Process results in approximation of potential loss per risk. Expected loss per risk stated in equation given below:

Annualized loss expectancy (ALE) equals Single loss expectancy (SLE) TIMES Annualized rate of occurrence (ARO),Here SLE is equal to asset value times exposure factor (that is EF).


Related Discussions:- Cost benefit analysis (cba)-information security

Listing assets in order of importance-risk management, Listing Assets in Or...

Listing Assets in Order of Importance Weighting should be created for each category based on the answers to questions. The relative importance of each asset is calculated usin

Risk determination, Risk Determination For purpose of relative risk asse...

Risk Determination For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an elem

Broadband Technology, In 10 or more pages, address the following topics (be...

In 10 or more pages, address the following topics (be sure to use diagrams as well as references). 1) Define broadband and baseband transmission technology. 2) Describe broadban

Explain in des data encryption standard, Explain in DES Data Encryption Sta...

Explain in DES Data Encryption Standard : DES stands for Data Encryption Standard and is explained as follows: DES is at present the most widely used key cryptographic systems

Describe the role of dns root servers in network, QUESTION (a) Describ...

QUESTION (a) Describe the role of DNS root servers in the Internet network. (b) What do you understand by the handover concept in a mobile network? (c) List five meth

Non-repudiation and auditing, Proof that the sender forwards the message. I...

Proof that the sender forwards the message. It also prohibits the author of the code from falsely denying that he forward the message. This is achieved by record using the exact ti

Define network, A Network is described as a system for connecting compu...

A Network is described as a system for connecting computers using a single transmission technology. The computers can interact with each other in a network. They can receive an

Major difference between a virus and a worm, Question: (a) State wheth...

Question: (a) State whether the following statements are TRUE or FALSE. Justify your answer. i. A good site security policy will require that users use computer generated p

Explain how ftp works, QUESTION (a) FTP is a protocol used for the de...

QUESTION (a) FTP is a protocol used for the delivery of files across networks. Explain how FTP works (support your answer with a diagram). (b) How does TCP perform the gi

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd