Risk Management

Read this page and watch the video to learn more about the purpose of risk management and the four stages of the risk management process. Before you move on, make sure you have a good understanding of the formulas, and that you are able to use the formulas on this page to calculate single loss expectancy (SLE), annual rate of occurrence (ARO), and annual loss expectancy (ALE).

Instruction

Countermeasure Selection Considerations: Review

Applying selection criteria helps measure the true cost of implementing a countermeasure. Take the case of an ATM at a bank. The following questions should be asked:

  • What are the 'real' costs of changing security controls?

  • How would the cost of a chip and PIN solution be calculated effectively? What would need to be considered?

  • What other options may have been considered instead of chip and PIN? Shutting down ATMs? Biometrics? More physical security?
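The comparison these questions ask for, as an added worked example that is not part of the original page: it uses the standard definitions SLE = asset value × exposure factor and ALE = SLE × ARO, and values each option as ALE before minus ALE after minus its annual cost. Every figure, the `Countermeasure` fields and the amortization periods are constructed assumptions.

```python
from dataclasses import dataclass

def sle(asset_value, exposure_factor):
    """Single loss expectancy = asset value x exposure factor (0..1)."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return asset_value * exposure_factor

def ale(asset_value, exposure_factor, aro):
    """Annual loss expectancy = SLE x annual rate of occurrence."""
    return sle(asset_value, exposure_factor) * aro

@dataclass
class Countermeasure:          # hypothetical record, fields are assumptions
    name: str
    upfront_cost: float        # purchase and rollout, one-off
    lifetime_years: int        # years over which the upfront cost is spread
    running_cost: float        # maintenance, training, support per year
    lost_revenue: float        # business given up per year, a 'real' cost
    ef_after: float            # exposure factor with the control in place
    aro_after: float           # incidents per year with the control in place

    def annual_cost(self):
        return (self.upfront_cost / self.lifetime_years
                + self.running_cost + self.lost_revenue)

def rank(asset_value, ef_before, aro_before, options):
    """Return (name, ale_after, annual_cost, net_value) rows, best first."""
    baseline = ale(asset_value, ef_before, aro_before)
    rows = []
    for o in options:
        after = ale(asset_value, o.ef_after, o.aro_after)
        cost = o.annual_cost()
        rows.append((o.name, after, cost, baseline - after - cost))
    return sorted(rows, key=lambda r: r[3], reverse=True)

# Constructed figures for one ATM fleet; none of them come from the page.
ASSET_VALUE, EF_BEFORE, ARO_BEFORE = 200_000, 0.25, 8
OPTIONS = [
    Countermeasure("chip and PIN", 500_000, 5, 40_000, 0, 0.25, 2),
    Countermeasure("biometrics", 1_200_000, 5, 90_000, 0, 0.25, 1),
    Countermeasure("more physical security", 150_000, 5, 60_000, 0, 0.25, 5),
    Countermeasure("shut down ATMs", 0, 1, 0, 600_000, 0.0, 0),
]

if __name__ == "__main__":
    for name, after, cost, net in rank(ASSET_VALUE, EF_BEFORE, ARO_BEFORE, OPTIONS):
        print(f"{name:24} ALE after {after:>9,.0f}  cost/yr {cost:>9,.0f}  net {net:>10,.0f}")
```

With these figures, shutting down the ATMs removes the loss entirely yet ranks last, because the revenue given up exceeds the loss it avoids.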

There are seven possible functions that a security countermeasure can fulfill.

  1. Control access

  2. Help assess the attack

  3. Delay the attack

  4. Deter an attack

  5. Detect an attack

  6. Respond to the attack

  7. Collect evidence of the attack

Various countermeasures can perform one or more of these functions.