Assume a year has passed and XYZ has improved security by applying a number of controls. Using
Question:
Why have some values changed in the columns Cost per Incident and Frequency of Occurrence? How could a control affect one but not the other?
Assume the values in the Cost of Control column presented in the table are those unique costs directly associated with protecting against that threat. In other words, dont worry about overlapping costs between controls. Calculate the CBA for the planned risk control approach for each threat category. For each threat category, determine if the proposed control is worth thecosts.
Fantastic news! We've Found the answer you've been seeking!
Step by Step Answer:
Related Book For
Principles of Information Security
ISBN: 978-1285448367
4th Edition
Authors: Michael E. Whitman, Herbert J. Mattord
Question Posted: