ABSTRACT
This chapter discusses the potential loss (L) and addresses the probability of the loss occurring (P) and burden of preventing loss (B). It suggests that the reader’s awareness of the elements that go into the valuation of BPL with respect to the computer science field. To apply the risk analysis equation to a particular event, the three components of BPL must be evaluated. The steps that the student followed in performing her risk analysis mirror the risk analysis process performed by other individuals, business, and governments. The chapter re-examines the risk analysis methodology in terms of computer security. The terms associated with both the risk analysis process and computer security must be related and defined in order to learn how to perform a computer security risk analysis. The application of risk analysis to computer security is little different than when applied to other fields. Risk analysis assists a rational decision maker in determining the appropriate action in any given situation.
