‹ Back to Act

Risk / detail

ACME Corp

Insider misuse

Open Privileged insider
Annual loss expectancy
$420K
Loss event frequency
0.5 events/yr
Loss magnitude
$0.6M–$1.4M
Confidence
Medium

FAIR decomposition

Frequency
0.5 events/yr
×
Magnitude
$0.6M–$1.4M
=
ALE
$420K

Nine-month-stale access reviews (f-access) widen the window for insider misuse and weaken the defensibility of any post-incident claim that access was appropriate.

Top controls

SOC 2 CC6PCI R7

Driven by

high
Quarterly access reviews are 9 months overdue
Close this to cut the ALE →