The formula evaluates whether implementing a safeguard is cost-effective:
Cost Benefit Analysis = ALE (Before) - ALE (After) - Annual Safeguard Cost
Purpose
Measures the financial viability of implementing security controls.
Helps in prioritizing security investments by comparing the reduction in potential losses against the cost of the safeguard.
Comparison of Options
A. Safeguard Value: Refers to the protective value of a safeguard, not this formula.
C. Single Loss Expectancy: Represents a single event's loss, not cost-benefit analysis.
D. Life Cycle Loss Expectancy: Unrelated to this formula, as it refers to losses over a system’s lifecycle.
EC-Council References
This formula is emphasized in EC-Council risk management modules as essential for decision-making.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit