Risk Management
Read this page and watch the video to learn more about the purpose of risk management and the four stages of the risk management process. Before you move on, make sure you have a good understanding of the formulas, and that you are able to use the formulas on this page to calculate single loss expectancy (SLE), annual rate of occurrence (ARO), and annual loss expectancy (ALE).
Instruction
Calculating Risk Exposure
Risk exposure is a calculation done as part of a risk assessment. Read How to Calculate Risk Exposure Value.
Using a Qualitative Risk Analysis, risk exposure is the Probability of the risk occurring multiplied by the total loss on Risk Occurrence. The risk exposure is the potential for financial loss. A quantitative risk analysis is shown in Table 1.
Table 1: Calculation of Annualized Loss Expectancy
EF – Exposure Factor SLE – Single Loss Expectancy ARO – Annualized Rate of Occurrence ALE – Annualized Loss Expectancy
Using a Qualitative Risk Analysis, risk exposure is the Probability of the risk occurring multiplied by the total loss on Risk Occurrence. The risk exposure is the potential for financial loss. A quantitative risk analysis is shown in Table 1.
Table 1: Calculation of Annualized Loss Expectancy
Table 1: Calculation of Annualized Loss Expectancy
| Asset | Threat | Asset Value | EF | SLE | ARO | ALE |
|---|---|---|---|---|---|---|
| File Server | Virus every year | $15,000 | .20 | 3,000 | ½ (.5) | 1,500 |
| Operation Center | Hurricane every 10 years | $1,000,000 | .90 | 900,000 | 1/5 (.2) | 180,000 |
EF – Exposure Factor SLE – Single Loss Expectancy ARO – Annualized Rate of Occurrence ALE – Annualized Loss Expectancy
Formulas:
- SLE = Asset Value * EF
- ARO = Incidents / Year
- ALE = SLE * ARO