Operational and Organizational Security: Incident Response • Chapter 11  661

                       A chain of custody is used to monitor who has had possession of evidence
                         at any point in time, from the crime scene to the courtroom.


                 Risk Identification

                       Risk identification is the process of ascertaining what a company may be
                         at risk from, so that it can be dealt with accordingly. Dealing with these
                         risks is done through the process of risk management.

                       Assets are the property and resources belonging to a company. Identifying
                         assets is important to determining what risks will effect them and the
                         impact those risks will have.This includes human assets.

                       Vulnerabilities are weaknesses in a system that can leave a system open to
                         possible threats.When a vulnerability exists, the threat associated with it
                         remains until the vulnerability is removed.

                       The SLE is the dollar value relating to the loss of equipment, software, or
                         other assets.This is the total loss of risk that will be incurred by the
                         company should a risk actually occur in the future.

                       The ARO is the likelihood of a risk occurring within a year.
                       The ALE is the expected loss that will be incurred by a company each
                         year from a risk, and is calculated from the SLE and the ARO (ALE =
                         ARO x SLE).






























                                                                              www.syngress.com