Understand quantitative risk analysis

Exam Essentials 
91
would experience if a specific asset were violated by a realized risk. By calculating exposure 
factors, you are able to implement a sound risk management policy.
Know what single loss expectancy (SLE) is and how to calculate it.
SLE is an element 
of quantitative risk analysis that represents the cost associated with a single realized risk 
against a specific asset. The formula is SLE = asset value (AV) * exposure factor (EF).
Understand annualized rate of occurrence (ARO).
ARO is an element of quantitative risk 
analysis that represents the expected frequency with which a specific threat or risk will 
occur (in other words, become realized) within a single year. Understanding AROs further 
enables you to calculate the risk and take proper precautions.
Know what annualized loss expectancy (ALE) is and how to calculate it.
ALE is an ele-
ment of quantitative risk analysis that represents the possible yearly cost of all instances of 
a specific realized threat against a specific asset. The formula is ALE = single loss expec-
tancy (SLE) * annualized rate of occurrence (ARO).
Know the formula for safeguard evaluation.
In addition to determining the annual cost of 
a safeguard, you must calculate the ALE for the asset if the safeguard is implemented. Use 
the formula: ALE before safeguard – ALE after implementing the safeguard – annual cost 
of safeguard = value of the safeguard to the company, or (ALE1 – ALE2) – ACS.

Download 19,3 Mb.

Do'stlaringiz bilan baham: