Section 5.2 Flashcards
What is ARO?
Annualized Rate of Occurrence provides a metric of how likely it is that something will happen.
What is AV?
Asset Value (AV) is the value of the asset to the organization. This may include the cost of the asset, its effect on company sales, potential regulatory fines, etc.
What is EF?
Exposure Value (EF) is a percentage of the value lost due to an incident. For example losing a quarter of the value is .25, and losing the entire asset is 1.0.
What is SLE?
Single Loss Expectancy is the monetary loss if a single event occurs. The formula is AV x EF. For example if a laptop is stolen then the AV is 1000 and since its stolen the EF is 1.0, so 1000 x 1.0 = $1000 SLE
What is ALE?
Annualized Loss Expectancy (ALE) is the ARO x SLE. So if 7 laptops were lost then 7x1000 = $7000 ALE
What is a risk appetite?
Risk appetite is the amount of accepted risk before taking any action to reduce that risk.
What is RTO?
Recovery Time Objective is the amount of time it will take to recover from an event and be back up and running.
What is RPO?
Recovery Point Objective (RPO) is a point in time in which we can say were now up and running. For example we may need to have a total of 12 months of customer data recovered in our database for us to say that we are back up and running.
What is MTTR?
Mean time to repair (MTTR) is the average time required to fix an issue. For example how long it will take someone to diagnose a problem, buy the new asset and replace the asset.
What is MTBF?
Mean time between failures (MTBF) is the time estimated time that the system will run before there is another outage. This helps to plan out when the system might go down again.
