How to calculate confidentiality, integrity and availability values of people
Assign topic to the user
Answer:
I will give you an easy example (considering a scale of values from 0 to 2, being 2 the greater):
Asset: system administrator
Threat 1: Unavailability of the person (related to the availability); vulnerability: no replacement for the position of this person.
Consequences (based on the lack of availability of this person) = 1
Likelihood = 1
Risk = 1 + 1 = 2
Threat 2: Frequent errors (related to the integrity); vulnerability: lack of training.
Consequences (based on the lack of integrity of this person) = 1
Likelihood = 2
Risk = 1 + 2 = 3
Threat 3: Illegal processing of data (related to the confidentiality); vulnerability: lack of monitoring mechanisms.
Consequences (based on the lack of confidentiality of this person) = 2
Likelihood = 0
Risk = 2 + 0 = 2
Comment as guest or Sign in
Mar 20, 2016