Question
Why have some values changed in the Cost per Incident and Frequency of Occurrence columns? How could a control affect one but not the other?
Why have some values changed in the Cost per Incident and Frequency of Occurrence columns? How could a control affect one but not the other? Assume that the values in the Cost of Control column are unique costs directly associated with protecting against the threat. In other words, dont consider overlapping costs between controls. Calculate the CBA for the planned risk control approach in each threat category. For each threat category, determine whether the proposed control is worth the costs.
| Threat Category | SLE | Frequency of occurrence | Cost of Control | Type of Control |
| Programmer mistakes | $5,000 | 1 per week | $20,000 | Training |
| Loss of intellectual property | $75,000 | 1 per year | $15,000 | Firewall/IDS |
| Software piracy | $500 | 1 per week | $30,000 | Firewall/IDS |
| Theft of information (hacker) | $2,500 | 1 per quarter | $15,000 | Firewall/IDS |
| Theft of information (employee) | $5,000 | 1 per 6 months | $15,000 | Physical security |
| Web defacement | $500 | 1 per month | $10,000 | Firewall |
| Theft of equipment | $5,000 | 1 per year | $15,000 | Physical security |
| Viruses, worm, trojan horses | $1,500 | 1 per week | $15,000 | Antivirus |
| Denial-of-service attack | $2,500 | 1 per quarter | $10,000 | Insurance/backups |
| Earthquake | $250,000 | 1 per 20 years | $5,000 | Insurance/backups |
| Flood | $250,000 | 1 per 10 years | $10,000 | Insurance/backups |
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started