- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Quantitative Risk Analysis Step-By-Step
- Abstract
- In this paper, the use of a centralized data table containing reference data and estimating techniques for some of the key variables for determining risks and losses will help to present a stronger case for security improvement to management. A discussion of methods for the valuation of tangible and intangible assets will help to quantify the largest information security risk in the U.S., which is theft of proprietary information (Computer Security Institute). Additional focus is placed on important risk areas such as internet security, overseas security concerns, and laptop security. This paper should also help an IT security consultant to obtain new business through the creation of a well-written quantitative risk analysis.