Cost benefit analysis (cba)-information security, Computer Network Security

Cost Benefit Analysis (CBA)

A common approach to selecting information security controls is to assess the economic feasibility of implementing them. CBA begins by evaluating the worth of the assets to be protected and the loss in value if those assets are compromised. The formal process of documenting this is called a cost benefit analysis or economic feasibility study. Items that affect the cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with a vulnerability. Asset valuation is the process of assigning a financial value or worth to every information asset; there are several components to asset valuation.

Once the worth of the various assets has been estimated, the potential loss from exploitation of a vulnerability is examined. This process results in an approximation of the potential loss per risk. The expected loss per risk is stated in the equation given below:

Annualized loss expectancy (ALE) = Single loss expectancy (SLE) x Annualized rate of occurrence (ARO)

Here SLE = asset value x exposure factor (EF).
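The calculation above carried through for one risk, as an added example that is not part of the original page. It goes one step beyond the text by comparing ALE before and after a control against the control's annual cost (the common form: net benefit = ALE before - ALE after - annual cost of the safeguard). The asset figures, the split of the listed cost items into one-time and yearly costs, and the five-year lifetime are constructed assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Risk:
    asset_value: float      # worth assigned during asset valuation
    exposure_factor: float  # EF: fraction of asset value lost per incident
    aro: float              # ARO: expected incidents per year

    def sle(self) -> float:
        # SLE = asset value x exposure factor; EF is a fraction, not a percent
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("exposure factor must be between 0 and 1")
        if self.asset_value < 0 or self.aro < 0:
            raise ValueError("asset value and ARO must be non-negative")
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        # ALE = SLE x ARO
        return self.sle() * self.aro

def annual_cost(one_time: dict, yearly: dict, lifetime_years: int) -> float:
    # Assumption: one-time costs are spread evenly over the control's lifetime.
    if lifetime_years <= 0:
        raise ValueError("lifetime must be at least one year")
    return sum(one_time.values()) / lifetime_years + sum(yearly.values())

def net_benefit(before: Risk, after: Risk, acs: float) -> float:
    # Positive result: the control avoids more loss per year than it costs.
    return before.ale() - after.ale() - acs

# Constructed sample figures (not from the page).
BEFORE = Risk(asset_value=200_000, exposure_factor=0.25, aro=2.0)
AFTER = replace(BEFORE, aro=0.5)  # control makes incidents less frequent
ACS = annual_cost(
    one_time={"development": 10_000, "implementation": 20_000},
    yearly={"service": 4_000, "training": 3_000, "maintenance": 2_000},
    lifetime_years=5,
)

if __name__ == "__main__":
    print(f"SLE          : {BEFORE.sle():>10,.0f}")
    print(f"ALE before   : {BEFORE.ale():>10,.0f}")
    print(f"ALE after    : {AFTER.ale():>10,.0f}")
    print(f"Annual cost  : {ACS:>10,.0f}")
    print(f"Net benefit  : {net_benefit(BEFORE, AFTER, ACS):>10,.0f}")
```

A negative net benefit means the safeguard costs more per year than the loss it is expected to avoid.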

Posted Date: 10/9/2012 2:22:44 AM | Location : United States






