Sign In
Not register? Register Now!
Essay Available:
Pages:
2 pages/β‰ˆ550 words
Sources:
6 Sources
Style:
APA
Subject:
IT & Computer Science
Type:
Coursework
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 12.96
Topic:

Module 1 SLP: Information Security System Risk Management

Coursework Instructions:

Module 1 - SLP
INFORMATION SECURITY SYSTEM RISK MANAGEMENT
This assignment requires you to do a cost and benefit analysis for the following company. You will need to study carefully the cost and benefit calculation section at "Home" of module 1.
Ebidding company has a ecommerce website that generate $500,000 per year. Calculate the annualized rate of occurrence (ARO) and annualized loss expectancy (ALE) for each risk:
Category Cost per incident Frequency of occurrence
Programming errors $1,000 2 per week
Information theft(hacker) $2,000 1 per quarter
Information theft(employee) $5,000 1 per year
Viruses $1,000 1 per year
Denial of service attacks $3,500 1 per 6 month
Natural diaster $100,000 1 per 20 years
Note: read background materials, and also make sure to convert frequency of occurrence to yearly base.
One year past, calculate the cost and benefit of controls that have been in place.
Category
Cost per incident
Frequency of occurrence
Cost of control Type of control
Programming errors $1,000 2 per week $2500 Training
Information theft(hacker) $2,000 1 per quarter $10,000 Firewall
Information theft(employee) $5,000 1 per year $10,000 Physical security
Viruses $1,000 1 per year $10,000 Anti-virus
Denial of service attacks $3,500 1 per 6 month $10,000 Firewall
Natural diaster $100,000 1 per 20 years $15,000 Insurance

Coursework Sample Content Preview:

MODULE 1 - SLP INFORMATION SECURITY SYSTEM RISK MANAGEMENT
Name:
Instructor:
Institution:
Date:
According to Bragg (2002), risk management entails all the processes and efforts necessary, so as to assist in the mitigation or reduction of the risks that can compound an organization’s information assets. Risk management entails identification of any risks, evaluation of the risks, and any probabilistic estimation of the risks, before then coming up with the most efficient ways of managing the risk. The assessment and approximations usually go as far as measuring the extent of the risks and the cost of containing them (Wheeler, 2011).
Another crucial aspect of risk management is the estimation of whether a given risk would cost less when efforts are made to contain it, or it would cost less to incur the losses caused by the risk. This is what essentially constitutes a cost-benefit analysis of any imminent risks in a given organization (Agarwal, Campoe& Pierce, 2014). According to Pironti (n.d.), coming up with, and investing in an Information Security and Risk Management (ISRM) Strategy by an organization, is pivotal towards its objectives and overall direction. The strategy helps to align the organization’s long-term goals against its risk profile.
Before venturing to the calculations, it would be better to understand the terminologies, so as to have an easier interpretation of the computations. Single Loss Expectancy (S.L.E.) is what the business incurs financially on a single loss. It is the product of the Value of the Asset and the Exposure Factor. Annualized Rate of Occurrence (A.R.O.) indicates the most likely frequency or expectation that a given risk would recur. Its value usually covers a wide range, from null or never (0) to a huge figure (Feldman, Misenar& Conrad, 2012).

Cost

Frequency

Cost of Control

Nature of Control

SLE

ARO

ALE

Programming Errors

$1000

2 in a week

$2500

Training

1000

104

$104,000

Information Theft via hacking

$2000

1 in one-quarter

$10000

Firewall

2000

4

$8000

Information Theft via Employees

$5000

1 annually

$10000

Physical Se...
Updated on
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Order

πŸ‘€ Other Visitors are Viewing These APA Coursework Samples:

HIRE A WRITER FROM $11.95 / PAGE
ORDER WITH 15% DISCOUNT!
Order Now