Dear All:
Hi all I am a Graduate Student at UMD and am working on a paper on security risk perception. I was wondering if you good souls would find it in your heart to help a poor (overworked underpaid) graduate student. I will be grateful if you can take a few minutes out to fill this 5 question survey. I will not be able to disclose information about this paper as it may bias your reply. But I will be happy to share the paper with you if you are interested once it is written. The paper is about security risk assessment off course.
The survey is very simple below are basic definitions of risk assessment which are followed by 5 questions. I assure you that this is not SPAM and the reason I am using e-mail instead of a webpage is that often people don't click the link to fill in a small survey. The question regarding your job function is there because I can classify the response accordingly.
Thank you for your help. May god bless you for helping the poor and needy.
Regards,
S. Hull
DEINITIONS
--------Annualized Loss Expectancy (ALE)----- Annualized Loss Expectancy (ALE) is the expected monetary loss that can be expected for an asset due to a risk over a one year period. It is defined as:
ALE baseline = SLE * ARO where SLE is the Single Loss Expectancy and ARO is the Annualized Rate of Occurrence.
---------Single Loss Expectancy-------
The Single Loss Expectancy (SLE) is the expected monetary loss every time a risk occurs. The Single Loss Expectancy, Asset Value (AV), and exposure factor (EF) are related by the formula:
SLE = AV * EF
Where asset value (AV) is a monetary value assigned to an asset and exposure factor ( EF) is the proportion of an asset's value that is likely to be destroyed by a particular risk, expressed as a percentage
Annualized Rate of Occurrence is the probability that a risk will occur in a particular year
-------Benefits of safeguard---------
The savings or reduction in loss is given by
S = ALE baseline - ALE with new safeguard
The benefit from investment is equivalent to the reduction in loss and is given by
B= Loss Reduction Alternative Explanation
An alternative explanation of ALE is as given below.
ALE= (Expected Rate of Loss) x (value of the loss)
The savings or reduction in loss is given by
S = ALE baseline - ALE with new safeguard
The benefit from investment is equivalent to the reduction in loss and is given by
B= Loss Reduction
QUESTIONS
- ALE with new safeguard < ALE baseline ______ True ______ False ______ Neither true nor false ______ Can't say
Answer:
- Introduction of a safeguard a. Increases risk b. Decreases risk c. Does not change the risk d. All of the above (a, b and c) e. Introduces new risk Answer:
- Introduction of a new safeguard a. Does not impact the effectiveness of other safeguards b. Decreases the effectiveness of other safeguards c. Increases the effectiveness of other safeguards d. May impact the effectiveness of other safeguards Answer:
- My role in security decision is a. Security Analyst b. Security Administrators c. Decision Maker d. System Administrator e. ___________________ Answer:
- When it comes to security risk assessment a. I am an expert b. I am new to this concept c. I am familiar with the concept d. I use it all the time e. ___________________ Answer: