I'm interested in ROSI, I mean malicious activity and unintentional human error and natural disaster and force majeure
Answer:
ROSI (Return on Security Investment) is a parameter that relates the investment in information security to the economic benefits that it will bring to the business. The calculation of the ROSI can be based on:
- Costs of an incident, taking into account all the relevant costs if an incident occurs and the probability of the incident. There are several types of incidents: malicious activity (viruses, Trojan horses, etc.), unintentional human error (deleting critical information by mistake, etc.), system errors/malfunctions (hardware failure, etc.), and natural disaster & force majeure (earthquake, flood, etc.)
- Costs of security measures/controls and the level to which the risk of this incident would decrease because of such mitigation
Do you need to calculate the ROSI? This free tool can be very useful for you: Free Return on Security Investment Calculator: https://advisera.com/27001academy/free-tools/free-return-security-investment-calculator/
This article may also be interesting for you: Is it possible to calculate the Return on Security Investment (ROSI)?: https://advisera.com/27001academy/blog/2011/06/13/is-it-possible-to-calculate-the-return-on-security-investment-rosi/
Jan 12, 2016
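The calculation described in the answer, as an added example that is not part of the original post or the linked calculator: it applies the commonly used formula ROSI = (avoided annual loss - control cost) / control cost, which the answer does not spell out, to one control that reduces risk across all four incident types. Every figure, the class and the function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class IncidentType:
    name: str
    cost_per_incident: float   # all relevant costs if the incident occurs once
    incidents_per_year: float  # expected yearly frequency (probability of incident)
    risk_reduction: float      # fraction of this risk the control removes, 0..1

    def annual_loss(self) -> float:
        """Expected yearly loss with no control in place."""
        return self.cost_per_incident * self.incidents_per_year

    def avoided_loss(self) -> float:
        """Part of the expected yearly loss the control removes."""
        if not 0.0 <= self.risk_reduction <= 1.0:
            raise ValueError(f"{self.name}: risk_reduction must be in [0, 1]")
        return self.annual_loss() * self.risk_reduction

def rosi(incidents, control_cost_per_year: float) -> float:
    """(avoided loss - control cost) / control cost; negative means a net loss."""
    if control_cost_per_year <= 0:
        raise ValueError("control cost must be positive")
    avoided = sum(i.avoided_loss() for i in incidents)
    return (avoided - control_cost_per_year) / control_cost_per_year

# Constructed estimates for one control (e.g. backup and recovery).
SAMPLE = [
    IncidentType("Malicious activity", 40_000, 0.5, 0.6),
    IncidentType("Unintentional human error", 5_000, 4.0, 0.8),
    IncidentType("System errors/malfunctions", 15_000, 1.0, 0.7),
    IncidentType("Natural disaster & force majeure", 200_000, 0.02, 0.5),
]

if __name__ == "__main__":
    for i in SAMPLE:
        print(f"{i.name:34} loss/yr {i.annual_loss():>9,.0f}"
              f"  avoided {i.avoided_loss():>9,.0f}")
    for cost in (27_000, 81_000):
        print(f"control cost {cost:>7,}: ROSI = {rosi(SAMPLE, cost):+.0%}")
```

A rare, expensive event such as a natural disaster contributes little to the expected yearly loss, so the result is sensitive to the frequency estimates as much as to the cost estimates.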