1) Describe one way of computing the impact (loss expectancy) of a ...

1) Describe one way of computing the impact (loss expectancy) of a threat as a value (in a currency of your choice), where impact combines the seriousness of a threat with the likelihood of it being realized. You may suppose that you have some idea of the cost to your organization if the threat is realized, and also that you have an estimate for the probability of threat realization.

2) How might a financial estimate for threat impact be used to decide whether or not to implement a countermeasure to the threat? What shortcomings are there in taking a purely numerical approach to risk management?

3) Accountability requires every action to be assignable to a single individual. Privacy requires that some actions can be made in an anonymity-preserving way. Are these notions irreconcilable?

These solutions may offer step-by-step problem-solving explanations or good writing examples that include modern styles of formatting and construction of bibliographies out of text citations and references. Students may use these solutions for personal skill-building and practice. Unethical use is strictly forbidden.

A method to estimate the loss in a currency can be established in the following way.
First of all, the single loss expectancy is computed as the difference between asset value and exposing factor.
Then the loss of expectancy is the product between annual rate of occurrence and the single loss expectancy.
As numerical example, for an asset value of 50,000 $ and an exposing factor of 10%, SLE is $5,000
Then the annualized loss of expectancy is $5,000 * 3 (for rate of occurrence 3) ==$15,000...