Question
An organization determines that the probability of unauthorized access to a database that contains personally identifiable information (PII) about its clients and employees is 5%
An organization determines that the probability of unauthorized access to a database that contains personally identifiable information (PII) about its clients and employees is 5% in a year. The total estimate of the loss due to this exposure is estimated to be 5 million dollars. This includes losses resulting from loss of reputation, business operations, fines imposed by FCC, legal fees. After consulting with a security firm, a product was identified that could implement stronger access control and that could allow security administrator to track such an unauthorized access. The total cost of the product is $500,000, plus $10,000/year for maintenance. The product should work well for next five years. It is estimated that, if implemented, it will protect from 90% of all such attacks. We want to know whether the organization should purchase this product.
1. What is the Single Loss Expectancy (SLE)? $ (Please enter digits only)
2. What is the Annualized Rate of Occurrence (ARO)? %
3. What is the calculated Annualized Loss Expectancy (ALE)? $ (Please enter digits only)
4. What would be the ARO if the countermeasure is implemented? %
5. What would be the corresponding ALE? $ (Please enter digits only)
6. What is the countermeasure cost for a year? $ (Please enter digits only)
7. Should the organization purchase this product? (Please enter Yes or No)
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started