Risk Management: Analysis and Assessment

A general indication of significant areas of ______ is provided.

The value of information (CIA) is expressed in ______ terms with supporting rationale.

Risk assessment results are derived and expressed in management's language, ______ value, percentages, and probability annualized.

Meaningful ______ analysis is supported in quantitative risk assessment.

The ______ of calculations is a con of quantitative risk assessment.

Not practical to execute a ______ risk assessment without using a recognized automated tool and associated knowledge bases.

A ______ amount of information gathering is required for a quantitative risk assessment.

Standard, independent ______ population and threat frequency knowledgebase not yet developed and maintained.

Quantitative risk assessment requires knowledge of ______ to physical assets and stored information.

A recognized automated tool is required for a ______ risk assessment.

Recognized automated tools and associated knowledge bases are necessary for a ______ risk assessment.

Quantitative risk analysis attempts to assign independently ______ numeric numbers to all elements of the risk analysis

Quantitative risk analysis deals with ______ values

Annualized Loss Expectancy (ALE) is calculated by ______ Single Loss Expectancy X Annualized Rate of Occurrence

Exposure Factor (EF) is a measure of the ______ of loss or impact on the value of an asset

Single Loss Expectancy (SLE) is calculated by ______ Asset Value X Exposure Factor

Annualized Rate of Occurrence (ARO) is the ______ with which a threat is expected to occur

The probability of an event can range from ______ to 1

Quantitative risk analysis uses ______ to calculate the risk

In the formula ALE=ARO X (Asset Value X Exposure Factor), ALE stands for ______ Loss Expectancy

Safeguard Effectiveness is the degree, expressed as a ______, to which a safeguard can be characterized as effectively mitigating a vulnerability