Cost benefit analysis (cba)-information security, Computer Network Security

Assignment Help:

Cost Benefit Analysis (CBA)

The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which are to be protected and the loss in value if those assets are compromised. The formal manner to document this is called as cost benefit analysis or economic feasibility study. Items which impact cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with vulnerability. Asset valuation is the process of assigning financial value or worth to every information asset; there are several components to asset valuation.

Once worth of various assets is anticipated, potential loss from exploitation of vulnerability is examined. Process results in approximation of potential loss per risk. Expected loss per risk stated in equation given below:

Annualized loss expectancy (ALE) equals Single loss expectancy (SLE) TIMES Annualized rate of occurrence (ARO),Here SLE is equal to asset value times exposure factor (that is EF).


Related Discussions:- Cost benefit analysis (cba)-information security

Principles of information security, The key concepts and frameworks covered...

The key concepts and frameworks covered in modules 1-4 are particularly relevant for this assignment. Assignment 2 relates to the specific course learning objectives 1, 2 and 3:

Local talk, LOCAL TALK Apple discovered the LAN technology that uses b...

LOCAL TALK Apple discovered the LAN technology that uses bus topology. Its interface is added with all Macintosh computers. It has very low speed i.e. 230.4Kbps. Also it is ch

Determine the round trip time, a) determine the RTT (round trip time) betwe...

a) determine the RTT (round trip time) between a client requesting a web page of 1024 bytes in size from an internal web server on a 100 Base-T Ethernet. Assume a one-way propagati

Minimum cost flow problem, QUESTION (a) A convex flow problem is a no...

QUESTION (a) A convex flow problem is a non linear network flow problem. Explain how a convex flow problem could be transformed into a Minimum Cost Flow problem. (b) Exp

Explain web defacement, QUESTION (a) Compare and contrast phishing and ...

QUESTION (a) Compare and contrast phishing and pharming attacks (b) Nowadays, web defacement may not always be visual (i) Explain web defacement (ii) What is the main

Explain about security aware protocols, Q. Explain about Security aware pro...

Q. Explain about Security aware protocols? The security-Aware ad hoc Routing (SAR) protocol based on the security attributes integrated into the ad hoc route discovery provides

Distinguish between steganograhy and cryptography, Question: (a) Disti...

Question: (a) Distinguish between Steganograhy and Cryptography. (b) "Playfair cipher is more secure than Monoalphabetic cipher." Justify this statement. (c) Various ap

Mention most relevant clause of iso 27001:2005, QUESTION (In this ques...

QUESTION (In this question, you will need to use the ISO 27001:2005 and ISO 27002:2005 standards) For each of the situations below, comment on the following: 1. Mention

How an attacker can effectively de-layer and analyse data, Around the globe...

Around the globe the bank controlled Co-ops (Visa, MasterCard, Discover, and American Express) have rolled out millions of smart cards under the EMV (Europay, MasterCard, VISA) sta

Cloud computing security infrastructure, i want to know about cloud computi...

i want to know about cloud computing server security infrastructure development process

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd