Cost benefit analysis (cba)-information security, Computer Network Security

Assignment Help:

Cost Benefit Analysis (CBA)

The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which are to be protected and the loss in value if those assets are compromised. The formal manner to document this is called as cost benefit analysis or economic feasibility study. Items which impact cost of a control or safeguard include: cost of development; implementation cost; service costs; training fees; cost of maintenance.

Benefit is the value an organization realizes by using controls to avoid losses associated with vulnerability. Asset valuation is the process of assigning financial value or worth to every information asset; there are several components to asset valuation.

Once worth of various assets is anticipated, potential loss from exploitation of vulnerability is examined. Process results in approximation of potential loss per risk. Expected loss per risk stated in equation given below:

Annualized loss expectancy (ALE) equals Single loss expectancy (SLE) TIMES Annualized rate of occurrence (ARO),Here SLE is equal to asset value times exposure factor (that is EF).


Related Discussions:- Cost benefit analysis (cba)-information security

Object tracking using wireless sensor networks, This project involves the d...

This project involves the design and development of a simulation environment of many sensors tagging material/ machinery/equipment/etc in a warehouse site to help monitor and manag

Carrier sense multiple access (csma), CARRIER  SENSE MULTIPLE ACCESS (CSMA...

CARRIER  SENSE MULTIPLE ACCESS (CSMA) There is no central access management when computers transfer on Ethernet. For this solution the Ethernet employs CSMA to coordinate tran

Ids-information security, IDS Intrusion is a attack on information assets...

IDS Intrusion is a attack on information assets in which instigator attempts to gain entry into or disrupt normal system with harmful intent Incident response is an identificatio

What is the major security flaw of set, QUESTION (a) Discuss why it is ...

QUESTION (a) Discuss why it is considered more secure to use the SET (Secure Electronic Transaction) for e-commerce instead of using SSL (b) Describe how the dual signature

Log file monitors-information security, LOG FILE MONITORS Log file monit...

LOG FILE MONITORS Log file monitor (LFM) is similar to NIDS. It reviews log files generated by servers, network devices, and even other IDSs for patterns and signatures. Pattern

Discuss a communication channel, Question An organization is planning t...

Question An organization is planning to connect its networks to the Internet. The network is located within a four story building. A web server supporting online sales is also

Understanding a business model of a spammer, The first and foremost need of...

The first and foremost need of  any business is a role to perform for its client base, and for the spammer this will typically be the role of advertising products which, due to the

Firewall analysis tools-information security, FIREWALL ANALYSIS TOOLS Th...

FIREWALL ANALYSIS TOOLS There are a number of tools automate remote discovery of firewall rules and assist the administrator in analyzing rules Administrators who feel wary of u

Http protocol, Question (a) Name 3 popular electronic mail access prot...

Question (a) Name 3 popular electronic mail access protocols? (b) i. What is DNS? ii. Briefly, describe what it does and how it works? iii. Why does DNS use a dist

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd