Impact due to FAIR-MAM at Group Level
- 3 Minutes to read
- Print
- PDF
Impact due to FAIR-MAM at Group Level
- 3 Minutes to read
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Loss Drivers Affected
Certain loss drivers have been removed and replaced with split drivers in only two modules, as these drivers showed a high coherence with risk scenario parameters. They are under:
Business Interruption
Network Security
1. Business Interruption
Deleted | Added |
|---|---|
Number of days (direct BI gross profit loss) |
|
Number of days (direct BI revenue delayed) |
|
Number of days (direct BI OpCost) |
|
Number of hours (direct BI PR revenue) |
|
Number of days (revenue generated for 3P) |
|
Impact
The addition or deletion of these drivers should have no default impact. However, if any deleted drivers were tuned in the existing model, their tuned effect would be removed, and the replacement driver’s default effect would apply.
Exceptions being
The default max value in old model for Number of days (direct BI gross profit loss) is 21 when the revenue is greater than 5B, whereas it 10 for Number of days (direct BI gross profit loss) - [Ransomware] in the new model
The default max value in old model for Number of days (direct BI revenue delayed) is 21 when the revenue is greater than 5B, whereas it 10 for Number of days (direct BI revenue delayed) - [Ransomware] in the new model
The default max value in old model for Number of days (direct BI OpCost) is 21 when the revenue is greater than 5B, whereas it 10 for Number of days (direct BI OpCost) - [Ransomware]
The default max value in old model for Number of days (revenue generated for 3P) is 21 when the revenue is greater than 5B, whereas it 10 for Number of days (revenue generated for 3P) - [Ransomware] and Number of days (revenue generated for 3P) - [Wiper] in the new model
At a high level, the above driver’s max value gets impacted when the revenue is greater than 5 Billion.
2. Network Security
Deleted | Added |
|---|---|
Number of hours (IR forensic) |
|
Number of hours (Network IR legal) |
|
Impact
The addition or deletion of these drivers should have no default impact. However, if any deleted drivers were tuned in the existing model, their tuned effect would be removed, and the replacement driver’s default effect would apply.
Exceptions being
Defaults for old model - Number of hours (IR forensic) - [0,0,0] System Outage scenarios. New model - the defaults for DDoS and System Outage-Malicious has been updated to [15, 40, 85]
Defaults for old model - Number of hours (Network IR legal) - [0,0,0] System Outage scenarios. New model - the defaults for DDoS and System Outage-Malicious has been updated to [15, 40, 85]
At a high level, System Outage - Malicious will have an increase in loss numbers, on enabling this feature.
Note - The newly added Loss drivers listed above should be reviewed for their new values, when they are applicable in a risk scenario.
Was this article helpful?