What if a threat has more than one “Threats Damage to Asset” value?
As you all know, the basic PTA threat model enables a single threat to threaten more than one asset (actually the number of assets that can be threatened by a single threat is limited to 999 but as far as we know, no one has complained yet). Moreover the model enables you to assign a particular level of damage that the threat might cause to each of the threatened assets. The data-entry field in the Threat Details screen is called Threat’s Damage to Asset and it defined as follows: Threat’s Damage Level to Asset is the financial value of damage caused by one incident of a specific threat to a specific asset, expressed as percentage of the asset’s value – if level is 100% the damage to the asset is maximal. So where is this question coming from? It has aroused in several cases when the preliminary threats identification process came up with scenarios where it seems that incidents of the same threat cause different damage. For example, an incident of a virus attack can destroy a precious
Related Questions
- Rateable Value Q: A premises has 50% of their rateable value waived as a charitable organisation. How should the applicant calculate the rateable value of the premises for conversion purposes?
- Does CA Threat Manager Total Defence offer a better value over best-of-breed point-based solutions?
- What if a threat has more than one "Threats Damage to Asset" value?
