Today, I am focusing on the CISM exam. CISM is an excellent certification for information security managers. CISM has a great market demand and helps in getting a better salary. So continuing on my questions and answers for the CISM 2007 exam candidates, here is the question of the day.

Q). Which answer is the BEST description of a Single Loss Expectancy
SLE)?

a.An algorithm that represents the magnitude of a loss to an asset from a threat
b.An algorithm that expresses the annual frequency with which a threat is expected to occur
c.An algorithm used to determine the monetary impact of each occurrence of a threat
d.An algorithm that determines the expected annual loss to an
organization from a threat

Answer: The correct answer is "C". A SLE is the dollar figure that is assigned to a single event. It represents an organization's loss from a single threat and is derived from the following formula: Asset Value ($) × Exposure Factor (EF) = SLE. For example, an asset valued at $500,000 that is subjected to an exposure factor of 20 percent would yield an SLE of $100,000. While this figure is primarily defined in order to create the Annualized Loss Expectancy (ALE), it is occasionally used by itself to describe a disastrous event for a Business Impact Assessment (BIA).

Related Posts

Clear Desk Policy - CISM 2006 Question
Data Protection Responsibility
Forensic Backup Copies
CISM Practice Tests - Cost of Mitigating Risks