How do you calculate residual risk?

How do you calculate residual risk?

How do you calculate residual risk?

A.
Threat x risk x asset value

B.
(Threat x asset value x vulnerability) x risks

C.
SLE x frequency = ALE

D.
(Threats x vulnerability x asset value) x controls gap

Explanation:
The equation is more conceptual than it is practical. It is hard to
assign a number to a vulnerability and a threat individually. What this equation is
saying is look at the potential loss to a specific asset and look at the controls
gap, which means what the specific countermeasure cannot protect against. What is
left is the residual risk. Residual risk is what is left over after a countermeasure
is implemented.



Leave a Reply 0

Your email address will not be published. Required fields are marked *