(By Info-Tech Analyst James Quin- Printed with permission from Processor magazine www.processor.com).
Doing The Math
For those in need of a refresher, determining ROSI first requires that the enterprise calculates its ALE, or Annual Loss Expectancy, (the total annual dollar cost for the specific risk in question). Calculating the ALE, however, requires that we calculate the ARO, or Annual Rate of Occurrence (how many times the risk is likely to occur per year), and SLE, or Single Loss Expectancy (the dollar cost of a single occurrence of the risk in question). Laid out in a consolidated formula, we get:
ROSI = Cost of Solution / (ARO x SLE)