Broder: Risk Analysis and the Security Survey, 4th Edition

Case Studies with Questions and Answers

Chapter 06: Cost/Benefit Analysis

Your company is considering a move to a new city overseas that suffers from a high crime rate and a neighboring government that is not very stable. Certain threats, including terrorism, have been identified. Management would like you to develop a vulnerability assessment using the National Infrastructure Protection Plan, but you have just read about an emerging risk assessment methodology that is considered state of the art.

Questions

  1. Under the Plan, what must you demonstrate to use the emerging methodology?

    2. Correct Answer

    The answer should include elements of a risk assessment—risk (R), consequence (C), venerability (V), and threat (T). According to the Plan, analysis must be documented (adequately described) and the results must be reproducible, defensible (based on sound risk analysis principles), and complete (assesses C, V, and T for each scenario).

  2. How would you measure its effectiveness?

    3. Correct Answer

    The answer should include some description of good management and quality control initiatives.

Copyright © 2012, Elsevier Inc. All rights Reserved.