Governance Flashcards
Risk Assessment
o Identify and Valuate Assetso Identify Threats and Vulnerabilities
Risk Analysis
o Qualitative o Quantitative (best)
Risk Mitigation/Response
o Reduce /Avoido Transfero Accept /Reject
Risk Management
- Risk Assessment2. Risk Analysis3. Risk Mitigation/Response4. Ongoing Risk Monitoring
TCO
Total Cost of Ownership (TCO)- total cost of a mitigating safeguard
Threat
potentially harmful occurrence (e.g. earthquake, attack)
Vulnerability
a weakness that allows a threat to cause harm
Impact
consequences or severity of the damage, sometimes expressed in dollars
AV
Asset Value (AV)- tangible (i.e. equipment costs) and intangible assets. Intangible assets are calculated by:- Market approach- price at which comparable assets have been purchased- Income approach- the present value of the future earning capacity- Cost approach- the cost incurred to recreate or replace asset
EF
Exposure Factor (EF)- percentage of value an asset lost due to an incident
ARO
Annual Rate of Occurrence (ARO)- number of losses per year
SLE
Single Loss Expectancy (SLE)- cost of a single loss; SLE = AV x EF
ALE
Annualized Loss Expectancy (ALE)- annual cost of loss due to risk; ALE = SLE x ARO
ROI
Return on Investment (ROI)- money saved by implementing a safeguard; ROI = ALE - TCO
Risk Option
Risk Options- Accept, Mitigate, Transfer (eg insurance), Reject (ignore)