PrepAway - Latest Free Exam Questions & Answers

How is Annualized Loss Expectancy (ALE) derived from a …

How is Annualized Loss Expectancy (ALE) derived from a threat?

PrepAway - Latest Free Exam Questions & Answers

A.
ARO x (SLE – EF)

B.
SLE x ARO

C.
SLE/EF

D.
AV x EF

Explanation:
The Annualized Loss Expectancy (ALE) is the monetary loss that can be expected for an asset due to a risk
over a one year period. It is defined as:
ALE = SLE * ARO
where SLE is the Single Loss Expectancy and ARO is the Annualized Rate of Occurrence.
Single loss expectancy is one instance of an expected loss if a specific vulnerability is exploited and how itaffects a single asset. Asset Value × Exposure Factor = SLE.
The annualized rate of occurrence (ARO) is the value that represents the estimated frequency of a specific
threat taking place within a 12-month timeframe.
Incorrect Answers:
A: ARO x (SLE – EF) is not the correct formula for calculating the Annualized Loss Expectancy (ALE).
C: SLE/EF is not the correct formula for calculating the Annualized Loss Expectancy (ALE).
D: AV x EF is not the correct formula for calculating the Annualized Loss Expectancy (ALE).

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 87


Leave a Reply