Cost benefit analysis (cba)-information security, Computer Network Security

Cost Benefit Analysis (CBA)

The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which are to be protected and the loss in value if those assets are compromised. The formal manner to document this is called as cost benefit analysis or economic feasibility study. Items which impact cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with vulnerability. Asset valuation is the process of assigning financial value or worth to every information asset; there are several components to asset valuation.

Once worth of various assets is anticipated, potential loss from exploitation of vulnerability is examined. Process results in approximation of potential loss per risk. Expected loss per risk stated in equation given below:

Annualized loss expectancy (ALE) equals Single loss expectancy (SLE) TIMES Annualized rate of occurrence (ARO),Here SLE is equal to asset value times exposure factor (that is EF).

Posted Date: 10/9/2012 2:22:44 AM | Location : United States







Related Discussions:- Cost benefit analysis (cba)-information security, Assignment Help, Ask Question on Cost benefit analysis (cba)-information security, Get Answer, Expert's Help, Cost benefit analysis (cba)-information security Discussions

Write discussion on Cost benefit analysis (cba)-information security
Your posts are moderated
Related Questions
Address resolution algorithms may be grouped into three basic types: Table lookup Closed-form computation Message Exchange 1. TABLE LOOKUP: In Table Loo

QUESTION (a) What do you meant by data spoliation? (b) Justify the following statement: "Disk imaging differs from creating a standard backup of disk." (c) Why do yo

Example : Softbank – theft of consumer data for extortion Softbank of Japan offers broadband Internet services across Japan through 2 subsidiaries – Yahoo! BB and Softbank BB. I

Border Gateway Protocol It is a protocol needed to advertise the set of networks that can be achieved within an autonomous machine. BGP activates this information to be shared

In the e-mail system, where the e-mail messages are saved and why? E-mail messages are saved in user’s private electronic mailbox. A mailbox refers to a local/domestic hard drive c

Encode the following plaintext, using the Caesar cipher: LORD OF THE RINGS b) The following ciphertext jw njbh lxmn cx kanjt has been encoded using a

BUS TOPOLOGY In a bus topology all devices are attached to a single long cable and any device can send data to any other device. For this function, coordination is needed to d

1.  We used the National Vulnerability Database. Select a recent vulnerability from that Database and analyse it from the following aspects: Criticality level Impact in

Social Network development in Java: Project Title: SUGGESTLOCAL (Nov 2006-April 2007) Role             : Developer Domain        : Social Network Client          :

Normal 0 false false false EN-US X-NONE X-NONE