Share
Explore BrainMass

Values changes on cost per incident and frequency of occurrence

Assume a year passed and XYZ software Co. has improve its security. Using the following table, calculate the SLE, ARO, and the ALE for each category listed.

1.Programer Mistakes
Cost per incident =$5000
Frequency of ocurrence = 1 per month
cost of control= $20,000
type of control = training

2.Loss of intellectual property
cost per incident =$75,000
frequency of occurrence = 1 per 2 years
cost of control = $15,000
type of control = firewall/ids

3.Software piracy
cost per incident = $500
frequency of occurrence = 1 per 2 year
cost of control = $30,000
type of control = firewall/ids

4. Theft of information ( hacker)
cost per incident = $2500
frequency of occurrence = 1 per 6 months
cost of control = $15000
type of control = firewall/ids

5. Theft of information ( employee)
cost per incident = $5000
frequency of ocurrence = 1 per year
cost of control = $15000
type of control = physical security

6. Web defacement
cost per incident = $500
frequency of occurrence = 1 per quarter
cost of control = $10,000
type of control = firewall

7.Theft of equipment
cost per incident = $5000
frequency of occurrence = 1 per 2 year
cost of control = $15000
type of control = physical security

8.Viruses, worms, troyan horses
cost per incident = $1500
frequency of occurrence = 1 per month
cost of control = $15000
type of control = antivirus

9.Denial-of-service attack
cost per incident = $2500
frequency of occurrence = 1 per 6 moths
cost of control = $10000
type of control = firewall

10.Earthquake
cost per incident = $250000
frequency of occurrence = 1 per 20 years
cost of control = $5000
type of control = insurance /backups

11. Floods
cost per incident = $5000
frequency of occurrence = 1 per 10 years
cost of control = $10000
type of control = insurance/backups

12. Fire
cost per incident = $100,000
frequency of occurrence = 1 per 10 year
cost of control = $10,000
type of control = insurance/backups

Why have some values changes on cost per incident and frequency of occurrence?
How could a control affect one but not the other?

Solution Preview

Calculate the SLE ( single loss expectancy), ARO (annualized of occurrence), and ALE( annualized loss expectancy) for each threat category listed
Assume a year passed and XYZ software Co. has improve its security. Using the following table, calculate the SLE, ARO, and the ALE for each category listed.

1.programer Mistakes
Cost per incident =$5000
Frequency of occurrence = 1 per month
cost of control= $20,000
type of control = training

2.loss of intellectual property
cost per incident =$75,000
frequency  of occurrence = 1 per 2 years
cost of control = $15,000
type of control =Â Â firewall/ids

3.software piracy
cost per incident = $500
frequency of occurrence = 1 per 2 year
cost of control = $30,000
type of control = firewall/ids

4. theft of  information ( hacker)
cost per incident = $2500
frequency of occurrence = 1 per 6 months
cost of control = $15000
type of control = firewall/ids

5.  theft of  information ( employee)
cost per incident = $5000
frequency of occurrence = 1 per year
cost of control = $15000
type of control = physical security

6. web defacement
cost per incident = $500
frequency of occurrence = 1 per quarter
cost of control = $10,000
type of control = firewall

7.theft of equipment
cost per incident = $5000
frequency of occurrence = 1 per 2 year
cost of control = $15000
type of control = physical security

8.viruses, worms, trojan horses
cost per incident = $1500
frequency of occurrence = 1 per month
cost of control = $15000
type of control = antivirus

9.denial-of-service attack
cost per incident = $2500
frequency of occurrence = 1 per 6 moths
cost of control = $10000
type of control = firewall

10. earthquake
cost per incident = $250000
frequency of occurrence = 1 per 20 years
cost of control = $5000
type of control = insurance /backups

11. floods
cost per incident = $5000 ...

Solution Summary

The values changes on cost per incident and frequency of occurrence are examined.

$2.19