2.2.30Supplies/Parts
There are no assets in this category.
2.2.31Uniform/Special Personnel Equipment
There are no assets in this category.
2.2.32Utilities
There are no assets in this category.
2.2.33Vehicles
There are no assets in this category.
2.2.34Water-craft
There are no assets in this category.
CHAPTER 2. ASSETS
The Tori risk analysis included 34 asset categories. [[[Some of the categories were divided into more descriptive sub-categories. For example, vehicles consisted of three resource names (company cars, service trucks, personal cars).]]] The determination of categories and values of assets was accomplished through interviews with [[[NAME and NAME personnel]]]. A review of the assets was performed by the Risk Analysis Team and Tori [[[and NAME]]] management.
The asset values were determined based on the cost of replacing the particular asset. The largest replacement value was for Customers, which is estimated at $2,000. (see Figure 4) and which constitutes 100.0% (see Figures 4 and 6) of the total value of all DATA CENTER assets. The next highest values for replacement cost were for categories Ammunition/Explosives and Art/Paintings. The values and percentages of the whole are, respectively, $0., at 0.0% and $0. at 0.0%.
2.1SUMMARY OF ASSET CATEGORIES
The following table provides a summary of the total replacement costs for each of the asset categories considered in the analysis.
Asset Category |
Replacement Cost |
Percentage of Total |
Customers |
$2,000. |
100.0% |
Ammunition/Explosives |
$0. |
0.0% |
Art/Paintings |
$0. |
0.0% |
Business Market Share |
$0. |
0.0% |
Cash |
$0. |
0.0% |
Communications Equipment |
$0. |
0.0% |
Computer Hardware |
$0. |
0.0% |
Construction Equipment |
$0. |
0.0% |
Controlled Substances |
$0. |
0.0% |
Aircraft |
$0. |
0.0% |
Electronic Equipment |
$0. |
0.0% |
Evidence |
$0. |
0.0% |
Facilities/Building |
$0. |
0.0% |
Food/Water/Perishables |
$0. |
0.0% |
Gold/Silver Gems |
$0. |
0.0% |
Intangibles |
$0. |
0.0% |
Large Weapons |
$0. |
0.0% |
Manufacturing Equipment |
$0. |
0.0% |
Negotiable Instruments |
$0. |
0.0% |
Nuclear Materials |
$0. |
0.0% |
Office Equipment |
$0. |
0.0% |
Personnel |
$0. |
0.0% |
Petroleum/Oils |
$0. |
0.0% |
Physical Inventory/Product |
$0. |
0.0% |
Production Resources |
$0. |
0.0% |
Proprietary Information |
$0. |
0.0% |
Real Property |
$0. |
0.0% |
Security System |
$0. |
0.0% |
Small Weapons |
$0. |
0.0% |
Supplies/Parts |
$0. |
0.0% |
Uniform/Special Personnel Equipment |
$0. |
0.0% |
Utilities |
$0. |
0.0% |
Vehicles |
$0. |
0.0% |
Water-craft |
$0. |
0.0% |
FIGURE 4
This information is presented below as a barchart.
Customers |
|
|
|
|
|
|
2,000 |
|
|
|
|
|
|
|
|
25 |
50 |
75 |
10 0 |
12 5 |
15 0 |
17 5 |
200 (x 10) |
|
|
|
Dollars |
|
|
|
|
FIGURE 5
The percentage of the total replacement cost for each category is indicated in the following diagram.
3.2 INCIDENTS INVOLVING EACH THREAT
Each Incident is defined as triple of the form <threat, loss category, asset category>. By doing things this way it is possible to separate the various forms of loss that a given threat may cause to the enterprise as the result of acting on the same asset category.
The sections below look at each threat and indicate the various incidents that were associated with it in the analysis. For each incident, a table is presented (FIGURES 13.1, 13.2, ...) indicating its SLE and ALE (where the ALE is generated by multiplying the SLE for the incident by the AFE of the threat). The overall ALE for a threat is the sum of the ALEs for each of the associated incidents. This is shown as the total of the third column. The percentage of this total represented by the ALE for each incident is indicated in the fourth column.
Also shown for each threat is a barchart that provides a visual presentation of the relative
magnitudes of the ALE for each incident. These are shown as FIGURES 14.1, 14.2, ....
Piecharts are then also provided that indicate the percentage of each threat ALE that is accounted for by each incident that is used in its calculation.
3.2.1Accident/Fatal - AFE: 0.02
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
|
Compromise, Customers |
$1,110. |
$23. |
100.9% |
|
Direct Loss, |
Intangibles |
$0. |
$0. |
0.0% |
Intangibles, |
Business Market Share |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
||
Personal |
Injury/Loss of Life, Personnel |
$0. |
$0. |
0.0% |
|
Theft, |
Negotiable Instruments |
$0. |
$0. |
0.0% |
|
Personal |
Injury/Loss of Life, Customers |
$6. |
$0. |
0.6% |
|
Figure |
13.1 |
|
|
|
|
23
Comp, Customers
2 |
4 |
6 |
8 |
10 |
12 |
14 |
16 |
18 |
20 |
22 |
Dollars
Figure 14.1 Accident/Fatal - ALE's
6 Others (0.0%)
Comp, Custo mers (1 00.0%)
Figure 15.1 Accident/Fatal - ALE's
Comp, Customers |
|
|
|
|
|
|
|
|
|
1,110 |
|
|
|
|
|
|
|
|
|
|
|
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 (x 100) |
|
|
|
|
|
Dollars |
|
|
|
|
|
6
Life, Cus tomers
1 |
2 |
3 |
4 |
5 |
6 |
Dollars
Figure 16.1 Accident/Fatal - SLE's
3.2.2Accident/Injury - AFE: 1.00
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Direct Loss, Cash |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
Direct Loss, Controlled Substances |
$0. |
$0. |
0.0% |
Direct Loss, Facilities/Building |
$0. |
$0. |
0.0% |
Direct Loss, Intangibles |
$0. |
$0. |
0.0% |
Figure 13.2
3.2.3Activist - AFE: 0.10
The various incident classes associated with this threat are shown in the following table:
Incident |
Class |
SLE |
ALE |
% of total ALE |
|
Direct |
Loss, Facilities/Building |
$0. |
$0. |
0.0% |
|
Personal |
Injury/Loss of Life, Customers |
$0. |
$0. |
0.0% |
|
Figure |
13.3 |
|
|
|
|
3.2.4Arson - AFE: 0.02
The various incident classes associated with this threat are shown in the following table:
There are no incidents associated with this threat.
3.2.5Assault, Aggravated - AFE: 1.00
The various incident classes associated with this threat are shown in the following table:
There are no incidents associated with this threat.
3.2.6Assault, Sexual - AFE: 0.20
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Compromise, Customers |
$0. |
$0. |
0.0% |
Figure 13.6
3.2.7Assault, Simple - AFE: 5.00
The various incident classes associated with this threat are shown in the following table:
There are no incidents associated with this threat.
3.2.8Biological Contamination - AFE: 0.05
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
||
Direct |
Loss, Controlled Substances |
$0. |
$0. |
0.0% |
|
Direct |
Loss, Intangibles |
$0. |
$0. |
0.0% |
|
Disruption, |
Cash |
$0. |
$0. |
0.0% |
|
Disruption, |
Computer Hardware |
$0. |
$0. |
0.0% |
|
Figure 13.8
3.2.9Blackmail/Extorsion - AFE: 0.02
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Direct Loss, Cash |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
Figure 13.9
3.2.10Bomb Threats - AFE: 2.00
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
|
Compromise, |
Intangibles |
$0. |
$0. |
0.0% |
Compromise, |
Proprietary Information |
$0. |
$0. |
0.0% |
Figure 13.10
3.2.11Burglary/Break In - AFE: 1.00
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
|
Intangibles, Business Market Share |
$0. |
$0. |
0.0% |
|
Theft, |
Negotiable Instruments |
$0. |
$0. |
0.0% |
Figure |
13.11 |
|
|
|
3.2.12Chemical Gas - AFE: 0.10
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
||
Disruption, |
Communications Equipment |
$0. |
$0. |
0.0% |
|
Disruption, |
Computer Hardware |
$0. |
$0. |
0.0% |
|
Direct |
Loss, Computer Hardware |
$0. |
$0. |
0.0% |
|
Figure |
13.12 |
|
|
|
|
3.2.13Cold/Frost/Snow - AFE: 1.00
The various incident classes associated with this threat are shown in the following table:
There are no incidents associated with this threat.
3.2.14Communication Loss - AFE: 10.00
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Direct Loss, Aircraft |
$0. |
$0. |
0.0% |
Direct Loss, Ammunition/Explosives |
$0. |
$0. |
0.0% |
Direct Loss, Art/Paintings |
$0. |
$0. |
0.0% |
Direct Loss, Business Market Share |
$0. |
$0. |
0.0% |
Disruption, Communications Equipment |
$0. |
$0. |
0.0% |
Disruption, Computer Hardware |
$0. |
$0. |
0.0% |
Direct Loss, Communications Equipment |
$0. |
$0. |
0.0% |
Direct Loss, Computer Hardware |
$0. |
$0. |
0.0% |
Direct Loss, Food/Water/Perishables |
$0. |
$0. |
0.0% |
Direct Loss, Large Weapons |
$0. |
$0. |
0.0% |
Compromise, Customers |
$0. |
$0. |
0.0% |
Figure 13.14
3.2.15Earthquakes - AFE: 0.05
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Direct Loss, Cash |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
Direct Loss, Controlled Substances |
$0. |
$0. |
0.0% |
Direct Loss, Facilities/Building |
$0. |
$0. |
0.0% |
Direct Loss, Intangibles |
$0. |
$0. |
0.0% |
Figure 13.15
3.2.16Electromagnetic Interference - AFE: 1.00
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
|
Direct |
Loss, Cash |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
|
Figure |
13.16 |
|
|
|
3.2.17Espionage - AFE: 0.20
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
|
Direct |
Loss, Computer Hardware |
$0. |
$0. |
0.0% |
Disruption, Computer Hardware |
$0. |
$0. |
0.0% |
|
Figure |
13.17 |
|
|
|
3.2.18Explosions Major - AFE: 0.01
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Direct Loss, Aircraft |
$0. |
$0. |
0.0% |
Disruption, Aircraft |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
Disruption, Communications Equipment |
$0. |
$0. |
0.0% |
Disruption, Computer Hardware |
$0. |
$0. |
0.0% |
Direct Loss, Ammunition/Explosives |
$0. |
$0. |
0.0% |
Direct Loss, Business Market Share |
$0. |
$0. |
0.0% |
Direct Loss, Cash |
$0. |
$0. |
0.0% |
Figure 13.18
3.2.19Explosions Minor/Mail-Bomb - AFE: 0.10
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE ALE % of total ALE |
Direct Loss, Cash |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
Direct Loss, Construction Equipment |
$0. |
$0. |
0.0% |
Direct Loss, Controlled Substances |
$0. |
$0. |
0.0% |
Direct Loss, Evidence |
$0. |
$0. |
0.0% |
Direct Loss, Facilities/Building |
$0. |
$0. |
0.0% |
Direct Loss, Gold/Silver Gems |
$0. |
$0. |
0.0% |
Direct Loss, Intangibles |
$0. |
$0. |
0.0% |
Figure 13.19
3.2.20Fire, False Alarm - AFE: 2.00
The various incident classes associated with this threat are shown in the following table:
There are no incidents associated with this threat.
3.2.21Fire, Major - AFE: 0.04
The various incident classes associated with this threat are shown in the following table:
Incident Class |
SLE |
ALE |
% of total ALE |
Direct Loss, Cash |
$0. |
$0. |
0.0% |
Disruption, Cash |
$0. |
$0. |
0.0% |
Direct Loss, Construction Equipment |
$0. |
$0. |
0.0% |
Direct Loss, Controlled Substances |
$0. |
$0. |
0.0% |
Direct Loss, Evidence |
$0. |
$0. |
0.0% |
Direct Loss, Facilities/Building |
$0. |
$0. |
0.0% |
Direct Loss, Gold/Silver Gems |
$0. |
$0. |
0.0% |
Direct Loss, Intangibles |
$0. |
$0. |
0.0% |
Figure 13.21
3.2.22Fire, Minor - AFE: 0.10
The various incident classes associated with this threat are shown in the following table: