Cost benefit analysis (cba)-information security, Computer Network Security

Assignment Help:

Cost Benefit Analysis (CBA)

The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which are to be protected and the loss in value if those assets are compromised. The formal manner to document this is called as cost benefit analysis or economic feasibility study. Items which impact cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with vulnerability. Asset valuation is the process of assigning financial value or worth to every information asset; there are several components to asset valuation.

Once worth of various assets is anticipated, potential loss from exploitation of vulnerability is examined. Process results in approximation of potential loss per risk. Expected loss per risk stated in equation given below:

Annualized loss expectancy (ALE) equals Single loss expectancy (SLE) TIMES Annualized rate of occurrence (ARO),Here SLE is equal to asset value times exposure factor (that is EF).


Related Discussions:- Cost benefit analysis (cba)-information security

Example of a public key algorithm, Question : (a) There are two approa...

Question : (a) There are two approaches for providing confidentiality for packets in a network using symmetric encryption: End-to-End Encryption and Link Encryption. State wh

Explain the approaches to lric modeling, (a) Cost allocation mechanisms ar...

(a) Cost allocation mechanisms are important when it comes to establishing other aspects of inter-firm compensations and how these are transferred to the users. There are two pri

Ethical hacking penetration testing, Get a copy of Metasploitable at Make...

Get a copy of Metasploitable at Make">http://sourceforge.net/projects/metasploitable/files/Metasploitable2/ Make sure to follow these directions very carefully. You will get po

Application layer protocol, Problem a) Give the destination IP address, up...

Problem a) Give the destination IP address, upper layer protocol, TTL in decimal and header checksum in hexadecimal; the source port number and the destination port number in deci

Ucsf medical center case study-information security, Example : UCSF Medical...

Example : UCSF Medical Center In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doct

Udp datagram format, UDP DATAGRAM FORMAT: It is given in the figure be...

UDP DATAGRAM FORMAT: It is given in the figure below:

Explain the basic network topologies, Question: (i) ‘Implementation' is...

Question: (i) ‘Implementation' is a critical stage of the Systems Development Life Cycle. Show the four approaches which are commonly used to implement information systems in

Major difference between a virus and a worm, Question: (a) State wheth...

Question: (a) State whether the following statements are TRUE or FALSE. Justify your answer. i. A good site security policy will require that users use computer generated p

Use the chinese remainder theorem to evaluate x, Use the Chinese remainder ...

Use the Chinese remainder theorem to evaluate x from the following simultaneous congruences: x ≡ 1 (mod 2); x ≡ 2 (mod 3); x ≡ 3 (mod 5). Calculate gcd(14526, 2568). (

Advantages and disadvantage of packet filtering firewall, Advantages and Di...

Advantages and Disadvantage of Packet Filtering firewall   Advantages One screening router can help protect entire network One key advantage of packet filter

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd