
211
A
Absolute/relative metrics, 16–17
Absolute risk evaluations, 208
Acceptable interruption window (AIW), 157
Acceptable risk, 123, 125, 126
and information security risk
management, 112
over time, 128
Accounting method, 27
Accuracy, 74
Actionable information, 7, 24, 74, 81
Address resolution protocol (ARP), 157
Adhocracy culture, 177, 179
Admin violations, 23
Advanced encryption standard (AES), 157
Aircraft analogy, 75–77
Alliance for Enterprise Security Risk
Management (AESRM), 157
Ambiguity, lack of, 74
American Institute of Certified Public
Accountants (AICPA), 157
American Standard Code for Information
Exchange (ASCII), 157
Annual loss expectancy (ALE), 30 ...