What is ALE, ARO, SLE.?

Quantitative Risk Assessment

Quantitative assessment deals with numbers and dollar amounts. It attempts to assign a cost (monetary value) to the elements of risk assessment and to the assets and threats of a risk analysis.

To fully complete a quantitative risk assessment, all elements of the process (asset value, impact, threat frequency, safeguard effectiveness, safeguard costs, uncertainty, and probability) are quantified. Therein lies the problem with purely quantitative risk assessment: It is difficult, if not impossible, to assign dollar values to all elements; therefore, some qualitative measures must be applied to quantitative elements. A quantitative assessment requires substantial time and personnel resources. The quantitative assessment process involves the following three steps:

  1. Estimate potential losses (SLE)
  2. Conduct a threat analysis (ARO)
  3. Determine annual loss expectancy (ALE)

Continue reading “What is ALE, ARO, SLE.?”

What is RTO, RPO, WRT, MTD ?

When it comes to Disaster Recovery & High Availability Techniques, these Acronyms are a must. So will discuss a bit in further.

1. Business as usual


At this stage all systems are running production and working correctly.

2. Disaster occurs


On a given point in time, disaster occurs and systems needs to be recovered. At this point the Recovery Point Objective (RPO) determines the maximum acceptable amount of data loss measured in time.

Continue reading “What is RTO, RPO, WRT, MTD ?”