Question
Calculate ARO, ALE, and CBA Do not overthink the assignment this week. ALE is a common quantitative method for assessing risk. The first step in
-
Calculate ARO, ALE, and CBA
Do not overthink the assignment this week.
ALE is a common quantitative method for assessing risk.
The first step in calculating ALE is to calculate Single Loss Expectancy (SLE). --> SLE = asset value * exposure factor
ALE is then calculated by multiplying SLE by Annualized Rate of Occurrence (ARO). --> ALE = SLE * ARO
For example, to calculate the exposure factor, assume the asset value of a small office building and its contents is $2 million. Also assume that this building houses the call center for a business, and the complete loss of the center would take away about half of the capability of the company. Therefore, the exposure factor is 50 percent. The SLE is $2 million * 0.5 = $1 million.
The ALE is then calculated simply by multiplying the SLE by the number of times the event is expected to occur in a year, which is called the annualized rate of occurrence (ARO): --> ALE = SLE * ARO.
If the event is expected to occur once in 20 years, then the ARO is 1/20. Typically the ARO is defined by historical data, either from a companys own experience or from industry surveys. Continuing our example, assume that a fire at this businesss location is expected to occur about once in 20 years. Given this information, the ALE is: $1 million * 1/20 = $50,000.
Therefore, in order to protect the office building the company should spend no more than $50,000 on countermeasures protecting the building from complete loss.
- Office building and contents = $2 million
- Exposure factor 50%
- SLE = $2 million * 0.5 = $1 million
- ALE = SLE * ARO ARO = 1/20 (One occurrence every 20 years)
- ALE = $1 million * 1/20 = $50,000
ARO = Annual Rate of Occurrence. Do NOT get bogged down in the equation. Annual Rate of Occurrence is simply how many times this occurs in a year. If the spreadsheet says weekly and there are 52 weeks in a year, ARO = 52. The only time folks get in trouble with this assignment is by trying to go too deep. This should be your easiest assignment of the course.
-
Assignment Requirements
One year ago, the Mesusa Corporation conducted a threat evaluation and created a list of threats, the cost per incident and the projected frequency of occurrence. During the year, Mesusa decided to implement controls designed to reduce the cost per incidence and the number of threats.
Please include your name on your spreadsheet before submission.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started