Information Technology Reference
In-Depth Information
Whilst there are greater losses from consumer inaction then supplier inaction, the
consumer's failure to secure their system and refrain from the use of systems at inse-
cure locations all compound to make it more likely to have a loss through this means.
At all points of an assessment, we have to also take the time value of money into
account. The value of capital is not set and fluctuates with time. To evaluate costs, we
need to take both cost and the point at which the cost is expressed into account.
In order to compare any set of two or more alternatives, the financial characteristics
of the alternatives must be compared on an equivalent basis. Two options are said to
be equivalent when they have the same effect. Monetary values are termed as equiva-
lent when they have the same exchange value. This can be defined as:
1.
The comparative amount of each monetary sum,
2.
The times of the occurrence of the sums can be aligned.
3.
An interest rate can be used to compare differences in the time of payment.
The general equivalence function is defined as:
fFin
(,,)
PE, AE or FE =
(8)
i
This equation holds for values of
t
between
0
and
n
. The equivalence equation uses:
F
=
the rate of monetary flow at the end of time period
t
.
i
=
the rate of interest for the time period.
n
=
the number of discrete time periods.
The security and risk product lifecycle defines the function of the acquisition and
utilisation phases. A system with a longer MTBF (Mean Time Between Failure) has a
greater return on the initial investment. Similarly, larger upfront investments in secu-
rity reduce the amount of capital available for investment. The financial present
equivalent function [PE(i)] is defined as a value calculation that is related to the dif-
ference between the present equivalent capital value and the present equivalent costs
for a given alternative at a given interest rate.
The present equivalent value at interest rate
i
over a total of
n
years is stated as:
/
PFi
,,0
PFi
/ ,,1
PFin
/ ,,
PE i
( )
=
F
(
)
+
F
(
)
+
...
+
F
(
)
0
1
n
(9)
n
∑
PFit
/,,
=
F
(
)
t
=
t
0
The addition on measures that take externalities into account act as a signaling in-
strument that reduce information asymmetry and improve the overall risk position of
both the consumer and the vendor. The development of a software risk derivative
mechanism would be beneficial to security [5] through the provision of a signaling
process to security and risk.
4 Conclusion
As we move security expenditure from a lower to higher value, the returns on that
expenditure increases to a maxima and then decreases. The optimal point is where
Search WWH ::
Custom Search