A risk cube is a tool that is used to analyze a security risk issue. For example, consider the challenge to measure security concerns for a direct-recording electronic (DRE) voting machine.
The risk cube has the following domains:
• Probability: Likelihood of error (low, medium, high)
• Outcome: Severity of error (low, high)
• Duration: Impact of error (isolated, long-term)
Use the risk cube as the tool to categorize the security risks, and justify the DRE acceptance or rejection in each subcube. Complete the following:
• For each subcube, justify the acceptance or rejection of DRE voting with a summarized statement.
o In addition to the acceptance or rejection choice, add a security risk classification of high, medium, or low for each subcube.
• Conclude with a statement of expected concurrency with the risk cubes of peers.
o If a single risk cube were to be created from those of all peers, would significant differences be expected?
o What mitigation processes might be used to resolve differences?
Redaing : The Direct Recording Electronic Voting Machine (DRE) Controversy: FAQs and Misperceptions By Eric A. Fischer,Kevin J. Coleman