Professional Documents
Culture Documents
04 RISK CHOICES
05 EXERCISE
1. CALCULATING ANNUALIZED LOSS
EXPECTANCY
Hardware
PII
* Asset value
Ex:
Hardware:
2500 USD
PII: 22500
AV: 25000 USD
USD
Deloitte, there are three methods for
calculating the value of intangible assets:
• Market approach: assumes that the fair
value of an asset reflects the price at
which comparable assets have been
purchased in transactions under similar
circumstances .
• Income approach: is based on the
premise that the value of an
… asset is the present value of the future
earning capacity that an asset will
generate over its remaining useful life.
• Cost approach: estimates the fair value
of the asset by reference to the costs
that would be incurred in order to
recreate or replace the asset
* Exposure factor
* Single-loss expectancy
The single-loss expectancy (SLE) is the cost of a
single loss.
SLE = AV * EF
SLE = 25,000*100%
= 250,00
* Annual rate of occurrence
=> Install software cost = 4000 Your TCO for the laptop encryption
project is $136,667 per year
x 70 $ = $ 280,000
3. RETURN ON INVESTMENT (ROI)
Accept
the risk
Transferring
risk
* Accept the risk
Some risks may be accepted. In some cases, it is
cheaper to leave an asset unprotected due to a specific
risk, rather than make the effort and spend the money
required to protect it. This cannot be an ignorant
decision; all options must be considered before
accepting the risk.
* Mitigating risk
Mitigating risk means lowering the risk to an
acceptable level. Lowering risk is also called risk
reduction, and the process of lowering risk is also
called reduction analysis.
Ex:
- accident insurance
- fire insurance
* Risk avoidance
A thorough risk analysis should be completed before
taking on a new project. If the risk analysis discovers
high or extreme risks that cannot be easily mitigated,
avoiding the risk (and the project) may be the best
option.
THANKS
Click here to add to the title