User Account

All Pages

Calculate aro ale and cba

Assignment Help Business Management
Reference no: EM131261260

Assignment

Calculate ARO, ALE, and CBA

Learning Objective: Use existing conceptual frameworks to evaluate risk controls, and formulate a cost-benefit analysis.

Assignment Requirements

One year ago, the Mesusa Corporation conducted a threat evaluation and created a list of threats, the cost per incident and the projected frequency of occurrence. During the year, Mesusa decided to implement controls designed to reduce the cost per incidence and the number of threats. The spreadsheet, MesusaControls.xls, indicates the pre-control cost and frequency of occurrence, the cost of controls for each type of threat, and the post-control cost and frequency of occurrence. Calculate the AROs, the ALEs and the CBA for this initiative, and return the completed spreadsheet. You can use the websites linked above to help you out. Please include your name on your spreadsheet posted above before submission.

Submission Requirements

• Format: Microsoft Excel
• Font: Arial, 12-Point
• Help website to facilitate the work:

• https://www.windowsecurity.com/articles-tutorials/misc_network_security/Risk_Assessment_and_Threat_Identification.html
• https://www.pearsonitcertification.com/articles/article.aspx?p=728428&seqNum=4

INSTRUCTOR NOTES

ALE is a common quantitative method for assessing risk.

The first step in calculating ALE is to calculate Single Loss Expectancy (SLE). --> SLE = asset value * exposure factor

ALE is then calculated by multiplying SLE by Annualized Rate of Occurrence (ARO). --> ALE = SLE * ARO

For example, to calculate the exposure factor, assume the asset value of a small office building and its contents is $2 million. Also assume that this building houses the call center for a business, and the complete loss of the center would take away about half of the capability of the company. Therefore, the exposure factor is 50 percent. The SLE is $2 million * 0.5 = $1 million

The ALE is then calculated simply by multiplying the SLE by the number of times the event is expected to occur in a year, which is called the annualized rate of occurrence (ARO): --> ALE = SLE * ARO

Do NOT overthink ARO. If it is weekly, ARO is 52. If the event is expected to occur once in 20 years, then the ARO is 1/20. Typically the ARO is defined by historical data, either from a company's own experience or from industry surveys. Continuing our example, assume that a fire at this business's location is expected to occur about once in 20 years. Given this information, the ALE is: $1 million * 1/20 = $50,000.

Therefore, in order to protect the office building the company should spend no more than $50,000 on countermeasures protecting the building from complete loss.

•Office building and contents = $2 million

•Exposure factor 50%

•SLE = $2 million * 0.5 = $1 million

•ALE = SLE * ARO

•ARO = 1/20 (One occurrence every 20 years)

•ALE = $1 million * 1/20 = $50,000

Attachment:- Mesusacontrols.xls

Reference no: EM131261260

Questions Cloud

How can the effectiveness of the program be measured : How can the effectiveness of this program be measured? What effective methods or enhancing employee morale are available and where have they been successfully implemented?
Determine the maximum height z above the water surface : For the system shown in Fig. P12.6, water flows through the pump at a rate of 50 L/s.
Identify the legal concepts in the novel : Identify the legal concepts in the novel and discuss the connection between the legal concepts you are learning about in your textbook/class and we are discussing in class, give as many examples as you can.
Compute the npsh and the cavitation number : If the pump is to produce the same head and discharge at a location where the atmospheric pressure is 12 psi, what is the necessary change in elevation of the pump relative to the inlet reservoir to avoid cavitation?
Calculate aro ale and cba : Calculate ARO, ALE, and CBA. One year ago, the Mesusa Corporation conducted a threat evaluation and created a list of threats, the cost per incident and the projected frequency of occurrence.
Function in organizational settings : 1. What are the two major forms of workforce diversity? 2. What are stereotypes and how do they function in organizational settings? 3. What are the key biographical characteristics and how are they relevant to OB?
What are the discharge head rise and power requirements : What are the discharge, head rise, and power requirements for the second pump?
Employees to learn new technologies : IBM Offers Training and pay cuts to its employees to learn new Technologies. Is this program strategic? Why or Why Not? Should the employees salaries be reduced for the time they attend training programs? Provide a rationale for your answer. What ..
What type of pump is recommended : A pump operating under the conditions stated in Problem 12.16 has a maximum efficiency of 0.70. If the same pump is now required to deliver water at a head of 30.5 m at maximum efficiency, determine the rotational speed, the discharge, and the req..

Reviews

Write a Review

Business Management Questions & Answers

  Determining the jackpot amount paid out

Suppose you win the lottery in 2010 when the jackpot amount is $162 million. You can receive the jackpot amount paid out evenly over 26 years or you can elect to take an immediate payment of $95 million, before taxes. Ignore all tax effects. Assum..

  Ethical scales in situation

In the situation described above, is the firm acting unethically in any way and should motive or conduct carry greater weight on the ethical scales in this situation?

  Differentiate managements role from leaderships role

Differentiate management's role from leadership's role in deciding the most appropriate area for global expansion

  Explain the actual wages and salaries for the month

Explain The actual wages and salaries for the month was $19,980 and The activity variance for wages and salaries in May would be closest to-

  Identifying specific generations in the workplacein several

identifying specific generations in the workplacein several paragraphs identify and discuss the impact of these

  Ethical standards in management communications

The instance may be from your own workplace or from a business condition with which you are familiar

  Product to target market in the country

If Coke was to re-enter into the Cuba Market. What entry mode strategy should the company choose and why? How would you market the product to your target market in the country? (Think of themes, branding, names, packaging, and advertising)

  Discuss risk takingwhen making a decision how do you see

discuss risk takingwhen making a decision how do you see yourself as a risk taker? are you risk-averse or do you

  Analyze internal and external business processes

ISFM-300 Case Study, Stage 1: Business Environment Analysis. Read the "UMUC Haircuts Case Study" and review the "Walmart Example." analyze internal and external business processes to identify information systems requirements

  Advantages and disadvantages of job specialization

List two advantages and disadvantages of job specialization. What aspects of Taylorism (as described in the Unit III Lesson) have you encountered in any jobs you have had?

  Analyze the various codes as well as acts

Analyze the various codes as well as acts regarding discretionary employee benefits discussed and determine

  Create a hypothetical code of ethics

Discuss explain how the concept of sustainability fits into the theory of corporate social responsibility.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd