Professional Documents
Culture Documents
Worksheet
2. Can you determine the values of the items that you are carrying?
3. Which of the items do you think has the highest intangible value?
4. Rank/rate the above list of items from most important to least important?
5. Why have you given this ranking/rating? Have you taken into consideration the
tangible and intangible value of each of the items when you are ranking/rating the
list of items?
7. What are the threats that you may encounter in this situation?
For the company, discuss the following with your team members:
1. What are the assets for the company? For each asset you have given, determine
whether they are tangible or intangible.
2. What do you think are the vulnerabilities? What is the difference between vulnera-
bilities and threats?
3. Now rank/rate each of the vulnerabilities based on each of the quotations. Why
have you given this value for each of the quotations?
What are the potential threats that the company will face?
Rank/rate the threats based on each of the given quotations. Likewise, why have
you given this value for each of the quotations?
5. Based on the Qualitative Risk Analysis, which of the quotations is the best?
6. Do you think Qualitative Risk Analysis is the best way to justify the quotation? Do
you need to take into considerations of other factors when you choose the quota-
tion?
2. Consider the following scenario: Tom a risk analyst officer estimated that in year
Company XYZ loses 7 laptops due to either theft or negligence. A loss of $1000
was also estimated for each laptop misplaced/stolen. Tim the CEO of the company
questioned Tom if it was worthwhile getting insurance for all company laptops.
Assuming that the insurance cost $10,000 per annum, should Tom recommend
purchasing it? Explain the decision. (Watch the video in the link provided below)
3. Referring to Q2, if the loss incurred per missing laptop does not include the loss of
confidential information, is it still fair to assign a loss of $1000 to each laptop?
Justify why.
Hint: http://www.professormesser.com/free-comptia-security-training/risk-calculations/
Assets Template
List the assets and rank/rate the value from 1 (least important) to 5 (Most important)
Assets Value Tangible?(Yes/No)
Employees ? ?
Threats template
Rank/rate the threats from 1(the lowest) to 5(the highest)
Threats Quotation 1 Quotation 2 Quotation 3
Fire ? ? ?
Vulnerabilities template
Rank/rate the vulnerabilities from 1(the least vulnerable) to 5 (the most vulnerable)
Vulnerabilities Quotation 1 Quotation 2 Quotation 3
Building Access ? ? ?