The ThorTeaches CISSP, CISM, and CC blog!

Get certification updates, tips, tricks, sales, and much more!

orange-underline-thorteaches-cissp-cism-cc-ccsp-security-training

CISSP certification: Quantitative Risk Analysis.

  • Quantitative Risk Analysis – We want exactly enough security for our needs.
    • We find the asset’s value: How much of it is compromised, how much one incident will cost, how often the incident occurs and how much that is per year.
    • Asset Value (AV) – How much is the asset worth?
    • Exposure factor (EF) – Percentage of Asset Value lost?
    • Single Loss Expectancy (SLE) – (AV x EF) – What does it cost if it happens once?
    • Annual Rate of Occurrence (ARO) – How often will this happen each year?
    • Annualized Loss Expectancy (ALE) – This is what it cost per year if we do nothing.
    • Total Cost of Ownership (TCO) – The mitigation cost: upfront + ongoing cost (Normally Operational)
  • Laptop – Theft/Loss (unencrypted).
    • The Laptop ($1,000) + PII ($9,000) per loss (AV).
    • It is a 100% loss, it is gone (EF)
    • Loss per laptop is $10,000 (AV) x 100% EF) = (SLE)
    • The organization loses 25 Laptops Per Year (ARO)
    • The annualized loss is $250,000 (ALE)
  • Data Center – Flooding
    • The Data Center is valued at $10,000,000 (AV)
    • If a flooding happens 15% of the DC is compromised (EF)
    • Loss per Flooding is $10,000,000 (AV) x 15% EF) = (SLE)
    • The flooding happens every 4 years = 0.25 (ARO)
    • The annualized loss is $375,000 (ALE)

Start studying today!

  • 34 hours of CISSP videos
  • 5,000+ CISSP questions
  • A 300-page CISSP study guide
  • 120-page quick sheets
  • CISSP Mnemonics
  • A CISSP study plan
  • A 2,500-page CISSP Glossary
  • The 24/7 CISSP ThorBot (chatbot)
  • 2,500 CISSP Flashcards
  • Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
  • Lifetime or 12-months access
  • 32 hours of CISM videos
  • 900 CISM questions
  • A 200-page CISM study guide
  • CISM Mnemonics
  • A CISM study plan
  • A 2,500-page CISM Glossary
  • The 24/7 CISM ThorBot (chatbot)
  • 2,500 CISM Flashcards
  • Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
  • Lifetime or 12-months access
  • 17 hours of CC videos
  • 1,700+ CC questions
  • A 120-page CC study guide
  • CC Mnemonics
  • A CC study plan
  • A 2,500-page CC Glossary
  • The 24/7 CC ThorBot (chatbot)
  • 2,500 CC Flashcards
  • Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
  • Lifetime or 12-months access

LIVE!!

Our Upgraded CISSP Flashcards are OUT!

15% off Launch SALE!

  • 2,800+ Flashcards from all 8 CISSP domains
  • Study from anywhere on any device at any time (web, Android, iOS)
  • Learn more in less time with optimized spaced repetitions
  • Focus on your weak areas first with the confidence-based algorithm
  • Do short 10-term sessions or longer ones as they match your schedule
  • Strengthen your long‑term memory using active recall with immediate answer reveal and self‑rating
  • Track your progress instantly - Mastery %, Confidence Gained, and Cards Studied update after each round
  • Keep motivation high - Instant feedback, progress meters, variable rewards, and social leaderboards
  • Stay on schedule with automated study reminders
Brainscape_s CISSP mobile dashboard