Qualitative Risk Assessment
Single loss expectancy (SLE): Total loss expected from a single incident
Annual rate of occurrence (ARO): Number of times an incident is expected to occur in a year
Annual loss expectancy (ALE): Expected loss for a year


Safeguard value: Cost of a safeguard or control

Scenario: Richman Investments provides high-end smartphones to several employees. The value of each smartphone is $500, and approximately 1,000 employees have these company-owned devices. In the past year, employees have lost or damaged 75 smartphones.

With this information, calculate the following: ▪ SLE = ____________ ▪ ARO = ___________ ▪ ALE = ____________

Richman is considering buying insurance for each smartphone. Use the ALE to determine the usefulness of this safeguard. For example, Richman could purchase insurance for each device for $25 per year. The safeguard value is $25 X 1,000 devices, or $25,000. It is estimated that if the insurance is purchased, the ARO will decrease to 5. Should the company purchase the insurance?

Determine the effectiveness of the safeguard: ▪ Current ALE = ______________ ▪ ARO with control = 5 ▪ ALE with control = _____________ ▪ Savings with control = ___________ (Current ALE - ALE with control) ▪ Safeguard value (cost of control) = $25,000 ▪ Realized savings = _____________ (Savings with control - safeguard value)

Should Richman buy the insurance? Explain your answer.
Qualitative Risk Assessment
Probability: The…...

