Scenario: Performing an Initial Risk Assessment

There are two methods to doing this:  qualitative and quantitative.  Qualitative does not assign dollar values to components of the risk analysis.

A quantitative assessment process involves these three steps:

  1. Estimate potential losses – Single Loss Expectancy (SLE) = Asset Value x Exposure Factor.
  2. Conduct a threat analysis – the goal is to estame the Annual Rate of Occurrence (ARO).  This number value represents how many times the event is expected to happen in one year.
  3. Determine Annual Loss Expectancy (ALE) – this formula is calculated as follows: ALE = Single Loss Expectancy (SLE) x Annual Rate of Occurrence (ARO)

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.