Risk Management Concepts Flashcards
1
Q
Elements of risk
A
threat –> exploit vulnerabilities –> results in exposure –> which is risk –> which is mitigated by safeguards –> which protect assets –> which are endangered by threats
2
Q
7 Steps of Quantitative Risk analysis
A
- Assign Asset Value (AV)
- Calculate Exposure Factor (EF)
- Calculate Single Loss Expectancy (SLE)
- Assess Annualized Rate of Occurrence (ARO)
- Derive Annualized Loss Expectancy (ALE)
- Cost / Benefit Analysis for countermeasures
3
Q
Examples for Qualitative Risk Analysis
A
Brainstorming Delphi technique storyboarding focus groups surveys questionnaires checklists one to one meetings interviews
4
Q
Delphi technique
A
anonymous feedback and response process;
used to enable group to reach anonymous consensus;
primary purpose: elicit honest + uninfluenced responses
5
Q
6 Steps of Risk Management Framework (RMF)
A
- Categorize
- Select
- Implement
- Assess
- Authorize
- Monitor
