Risk Management Explain the DifferenceEssay

Pages: 2 (784 words)  ·  Bibliography Sources: 2  ·  File: .docx  ·  Level: College Senior  ·  Topic: Business - Management

Risk Management

Explain the difference between a Quantitative and Qualitative Analysis and discuss how to calculate the following: expected loss, single loss expectancy, annualized loss expectancy and safeguard value.

Quantitative analysis is when you are looking at specific variables (i.e. mathematical formulas) to understand the over nature of the threat or issues surrounding an IT protocol. ("Quantitative Analysis," 2011) Qualitative analysis is when you examining numerous formulas to comprehend the overall scope the risks facing a particular system. The way that expected loss is calculated is by taking the probability that a certain positive event will happen (usually in the form of percentage) and adding it to specific negative situations that could occur. The way single loss expectancy is calculated is by taking the asset value and multiplying it into the exposure factor. To determine the annualized loss expectancy you would multiply the single loss expectancy into the annual rate of occurrence. The safeguard value is determined by subtracting the annual loss expectancy rate before the incident from the annualized loss expectancy after an incident. You would then subtract these numbers from the annual safeguard costs (Landoll, 2006, pg. 417)

Describe the differences between the following risk assessment methods: FAA Security Risk Management Process, OCTAVE, FRAP, CRAMM, and NSA IAM.Download full
paper NOW!

TOPIC: Essay on Risk Management Explain the Difference Between a Assignment

The FAA Security Risk Management Process was designed to provide everyone with a workable solution for understanding the risks facing a particular protocol throughout the life cycle management procedure. It provides a qualitative method for the kinds of level formulas, descriptions and calculations. OCTAVE establishes a process for guidelines, time lines, checklists and the methodology description for a security assessment procedure. It includes a number of different phases most notably: asset-based threat profiles, infrastructure vulnerability identification and security strategy development. FRAP is when you are using the qualitative method to understand the nature of the threat in a three step process over the course of ten days. CRAMM is a qualitative tool that examines the methodology, computations and reporting of various computation models. The NSA IAM is a risk assessment tool that assesses risks through: pre-assessment procedures, an onsite visit and post assessment analysis. This usually takes place with 2 to 3 people conducting the examination. (Landoll, 2006, pp. 427 -- 430)

If you could, which security reporting methodology would recommend to promote an organizational security culture, in which stakeholders are more… [END OF PREVIEW] . . . READ MORE

Two Ordering Options:

- or -

2.  Write a NEW paper for me!✍🏻

How to Cite "Risk Management Explain the Difference" Essay in a Bibliography:

APA Style

Risk Management Explain the Difference.  (2011, July 27).  Retrieved July 31, 2021, from https://www.essaytown.com/subjects/paper/risk-management-explain-difference/964744

MLA Format

"Risk Management Explain the Difference."  27 July 2011.  Web.  31 July 2021. <https://www.essaytown.com/subjects/paper/risk-management-explain-difference/964744>.

Chicago Style

"Risk Management Explain the Difference."  Essaytown.com.  July 27, 2011.  Accessed July 31, 2021.
https://www.essaytown.com/subjects/paper/risk-management-explain-difference/964744.