Cost benefit analysis (cba)-information security, Computer Network Security

Assignment Help:

Cost Benefit Analysis (CBA)

The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which are to be protected and the loss in value if those assets are compromised. The formal manner to document this is called as cost benefit analysis or economic feasibility study. Items which impact cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with vulnerability. Asset valuation is the process of assigning financial value or worth to every information asset; there are several components to asset valuation.

Once worth of various assets is anticipated, potential loss from exploitation of vulnerability is examined. Process results in approximation of potential loss per risk. Expected loss per risk stated in equation given below:

Annualized loss expectancy (ALE) equals Single loss expectancy (SLE) TIMES Annualized rate of occurrence (ARO),Here SLE is equal to asset value times exposure factor (that is EF).


Related Discussions:- Cost benefit analysis (cba)-information security

Documenting the results of risk assessment, Documenting the Results of Risk...

Documenting the Results of Risk Assessment The goal of this process is to recognize the information assets, list them, and rank according to those most required protection. The

Virtual terminal protocol vtp, Write down the short notes on VTR.  Communic...

Write down the short notes on VTR.  Communication between different types of the equipment and software is made possible by making use of the networks. Full-screen text editor is s

Explain the random key distribution, Q. Explain the random key distribution...

Q. Explain the random key distribution? The triple key management mechanisms ensure a better and complete security solution using the random key distribution mechanism. In this

TCP/IP v OSI, What are the main differences between TCP/IP vs OSI?

What are the main differences between TCP/IP vs OSI?

Nessus vulnerability, You see two IP addresses. The IP address 192.168.58.1...

You see two IP addresses. The IP address 192.168.58.130 is the one of Bt4. The IP address 192.168.58.133 has ports 135 and 445 open; which indicates that it is a Windows machine. S

Produce a pcap file from a wireshark capture, Question requires you to prod...

Question requires you to produce a pcap file from a Wireshark capture.  In addition, you must include a screen capture of Wireshark and some specific information regarding the fram

Mastering the complexity of network system, To master the complexity one mu...

To master the complexity one must apply the given points. CONCENTRATE IN UNDERSTANDING THE CONCEPTS: Instead of details of wires used to connect computers to a specif

What you understand by the term brute force attack, Question: a) Expla...

Question: a) Explain what you understand by the term brute force attack, giving an example of such an attack b) Briefly outline the concept of Caesar cipher and identify a

Example of a public key algorithm, Question : (a) There are two approa...

Question : (a) There are two approaches for providing confidentiality for packets in a network using symmetric encryption: End-to-End Encryption and Link Encryption. State wh

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd