Ask Question
18 December, 11:40

You are implementing a new server that will connect 10 client computers to the Internet to access a company application. None of these clients has anti-virus software installed. Assume there is a 90% chance that 50% of these systems will become infected with a virus after they connect to the Internet, and this virus will bring your network down for an entire 8-hour day. Anti-virus software would cost $500 a year for the organization. Assume that the impacted employees are paid $12 an hour. What is the Exposure Factor (EF) for this risk?

+2
Answers (1)
  1. 18 December, 11:43
    0
    Within the context of the project risk management system, performing these risk analyses are two different processes. Effective risk analysis and management are the basis of any project's success.

    These two methods dominate the risk analysis technique

    In almost all risks and for all projects, qualitative risk analysis is performed but quantitative risk analysis is more limited and they are based on the type of project or the risk involved.

    The major difference between these two methods is their approach to the process.

    Qualitative risk analysis is more biased and focuses on finding the risks which will measure the occurrence of a specific risk event during the project life cycle and also its impact on the overall process.

    In qualitative risk analysis, the goal is to ascertain the severity, and then those data are recorded in a risk assessment matrix or any form of an intuitive graphical report can be used and these matrices are valuable to communicate the outstanding hazards to the stakeholders.

    In Qualitative risk analysis, method risk is measured in terms of low moderate-high and extreme.

    Quantitative risk analysis is unbiased as it needs verified data to analyze the risk effect in terms of money, resource consumption, and any delays in schedule.

    Quantitative risk analysis assigns a numerical value to an extent risk.

    If risk X has a 40% chance of happening based on the quantifiable data and 15% chance of causing a delay of A number of days. Hence it is totally dependent on the quantity and accuracy of data.

    Since we look into the process and approach of both the methods and when it comes to choosing any one method for handling risk and considering your example:

    I can say that in terms of assessing probability and prioritizing risk in very simpler terms which is easy to understand and to implement, qualitative risk analysis is better.

    This method is easier to approach as we can easily identify areas that need special attention and can be employed at any stage of the project to handle risk.

    Conclusively, I believe if you need to adopt one method (for your case and in general), go for qualitative. Although both methods are similar and which one is better cannot be clearly stated. Hence both analyses should be conducted in tandem which will give us the best possible insight into the risk involved and their possible impact.

    Therefore, whatever is the size or the complexity of your project you will have everything with you that is best for your organization.
Know the Answer?
Not Sure About the Answer?
Find an answer to your question 👍 “You are implementing a new server that will connect 10 client computers to the Internet to access a company application. None of these ...” in 📗 Business if the answers seem to be not correct or there’s no answer. Try a smart search to find answers to similar questions.
Search for Other Answers