Key Terms

Annualized Loss Expectancy (ALE)

The ALE is an annual expected financial loss to an organization’s IT asset because of a particular threat being realized within that same calendar year.

Annualized Rate of Occurrence (ARO)

The ARO is a value that represents the estimated frequencyfor a given threat.

Asset Value (AV)

The AV is the actual dollar value that is put on the asset itself. Remember that for a data asset, the actual dollar value may be more than the value of the IT hardware, software, maintenance contracts, and so on.

Data classification standard

A standard that defines an organization’s classification of its data assets. Typically, a data classification standard will dictate the level of minimum acceptable risk within the seven ...

Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.