Explain in your own words what is meant by the terms Sweet Spot and Discretionary Area.

Author:

January 6th, 2018

Assessment item
Due date: 14-Jan-2015
Submission method: turnitin.com

Task
1. For this question you are required to make at least
two (2) forum postings, arguing either for or against the quantiative method of
risk assessment. You will be assessed on what you contribute to the debate in
terms of quality not quantity (though your posting should at a minimum be a few
sentences long). All new threads should contain the subject line “Quantitative
Debate”. Provide two posts.

2.
(a) Explain in your own words what
is meant by the terms Sweet Spot and Discretionary Area.

(b) Explain the significance of a security decision that is located to the
right of the Sweet Spot but outside the Discretionary Area.

(c) Explain the significance of a security decision that is located to the left
of the Sweet Spot but still inside the Discretionary Area.

(d) Explain why you think the Defined Highest Acceptable Risk is located on the
Sweet Spot, but the Defined Lowest Acceptable Risk is located to the right of
the Sweet Spot.
3. In his book, Ozier states that ‘The [ALE] algorithm
cannot distinguish effectively between low frequency/high-impact threats (such
as ‘fire’) and high-frequency/low impact threats (such as ‘misuse of
resources’).’ Explain why this is the case. Give an appropriate example to
illustrate your explanation.

4. (Note: Make sure you show ALL your working for this question)
The following threat statistics have been gathered by a risk manager. Based on
these, calculate the ALE for each threat.
.jpg”>
5. (Note: Make sure you show ALL your working for this
question)
Using the figures you calculated above, determine the relative ROSI (return on
security investment) for each of the same threats with the following controls
in place. Remember that a single control may affect more than one threat, and
you need to take this into account when calculating the ROSI. Based on your
calculations, which controls should be purchased? Give recommendations.
.jpg”>

6. Consider the data in the two tables that appear in questions 4
and 5 above. Sometimes a control may affect the cost per incident
and sometimes the occurrence frequency, and sometimes both. Why is this
the case? Illustrate your answer with an example drawn from the data provided.

7. The year is 1999 and you are the risk manager for a large financial
institution. You apply the Jacobson’s Window model to determine your company’s
preferred response to the impending Y2K bug. According to the model, should you
accept, mitigate, or transfer the Y2K risk? Why? Do you agree with the model’s
recommendations? Why or why not?

8. (Note: Make sure you show ALL your working for this question)
You want to persuade management to invest in an automated patching system. You
estimate the costs and benefits over the next five years as follows:

Benefits: Year 1 Year 2 Year 3 Year 4 Year 5
$2,000 $2,500 $4,000 $4,000 $4,000
Costs: Year 1 Year 2 Year 3 Year 4 Year 5
$3000 $2000 $750 $250 $250

Calculate the Net Present Value (NPV) for this investment. Assuming that
management has set the Required Rate of Return at 10%, should the investment be
made? Why or why not?
9. There are a number of qualitative risk assessment
models that are available for use, such as FRAAP, OCTAVE, OWASP and
CRAMM. Choose one of these models and briefly describe how risk
assessment is conducted under this model. Describe an example situation where
you could use this selected model. Give your assessment of the
validity, or otherwise, of this risk assessment model.

Rationale of assessment:
To demonstrate your understanding
of:

• the principles of security risk management; and
• the application of risk management principles to real-world examples.
Marking criteria
Question 1

Two forum postings on quantitative risk management (2 marks)
Logical arguments for or against quantitative risk management (4
marks)
Contributes to the overall debate on the forum (2 marks)
Correct spelling and grammar (2 marks)

Question 2

Discussion of each sub-question (2 marks)
Use of at least two supporting references (2 marks)

Question 3

Explanation of the statement by Ozier (6 marks)
Appropriate example with a heading. (3 marks)
Use of at least two supporting references (1 mark)

Question 4

Table produced with ALE for each threat (8 marks)
Working shown (2 marks)

Question 5

Relative ROSI calculated based on the ALEs in questions 5 & 6
(6 marks)
Correct recommendations on controls to purchase (2 marks)
Working shown (2 marks)

Question 6

Discussion on change in cost per incident values (4 marks)
Discussion on change in occurrence frequency values (4 marks)
Appropriate example to illustrate problem (2 marks)

Question 7

Assumptions/problem background (2 marks)
Application of the model to the problem (4 marks)
Recommendations based on the application of the model (3
marks)
Use of at least two supporting references (1 mark)

Question 8

Calculation of NPV (6 marks)
Working shown (2 marks)
Recommendation based on NPV calculation (2 marks)

Question 9

Description of how risk assessment model works (2 marks)
Example of the use of the model (3 marks)
Assessment of validity of the model (4 marks)
Use of at least two supporting references (1 mark)

Note:
·
Each question should be
answered according to its marking scale provided.
·
References with in-text
referencing should be provided where asked (8-10 references).
·
Use APA referencing style.
·
Use different headings for
examples where examples are asked.

Calculate the price

Make an order in advance and get the best price

Type of paper

Academic level

Deadline

Pages (550 words)

$0.00

*Price with a welcome 15% discount applied.

Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.

We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.

How it works

Receive a 100% original paper that will pass Turnitin from a top essay writing service

step 1

Upload your instructions

Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.

step 2

Control the process

Once you place an order with our professional essay writing services, we will email you login details to your account. There, you'll communicate with the writer and support team and track the writer's progress.

step 3

Download your paper on time

As soon as your work is ready, we’ll notify you via email. You'll then be able to download it from your account and request a revision if needed. Please note that you can also rate the writer's work in your account.

Pro service tips

How to get the most out of your experience with Essay Fountain

One writer throughout the entire course

If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.

The same paper from different writers

You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."

Copy of sources used by the writer

Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.

Testimonials

See why 20k+ students have chosen us as their sole writing assistance provider

Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.

Social Work and Human Services

Thank you for the revision.

Customer 452919, October 7th, 2025

Social Work and Human Services

Thank you for presenting the paper n-time. The team is getting much better. I have used you guys for a at least 4 semesters and will continue throughout my college career.

Customer 452919, February 21st, 2024

Psychology

Awesome work!

Customer 452521, June 27th, 2020

Psychology

Communication on the small delay was appreciated and final result was worth the wait. Thank you.

Customer 452665, March 18th, 2021

Arts and Applied Sciences

I am having to run the paper through my editor, which is a good thing. It allows me to edit any errors.

Customer 452919, January 20th, 2025

Sociology

Thank you!

Customer 452919, April 26th, 2022

Sociology

I enjoyed the writer's work. Please send the writer's ID. The paper was available ahead of the due date and numbered each question to ensure mee that it was covered. AWESOME WORK!

Customer 452919, April 20th, 2022

Other

Should have been around social worker in the UK but I can adapt it.

Customer 453101, August 5th, 2022

English 101

well written excellent job, thank you!!

Customer 452989, December 2nd, 2021

Sociology

Thanks to the entire team!

Customer 452919, December 8th, 2021

Social Work and Human Services

Everything looks good. I will have to submit it in Turnitin, and we will see what they say,

Customer 452919, October 14th, 2025

Sociology

Thank you. You all have been timely, and amazing.

Customer 452919, May 3rd, 2022

11,595

Customer reviews in total

96%

Current satisfaction rate

3 pages

Average paper length

37%

Customers referred by a friend

OUR GIFT TO YOU

15% OFF your first order

Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.

Claim my 15% OFF Order in Chat