be noted. At this point, there exists a matrix ofindividual threats and remedial measures with estimatesof loss reductions and costs, and thus an estimate of thenet saving. This is shown graphically in table 4-4.For each threat (A, B, C, and D), the estimated lossreduction (column 1), the cost of the remedial measure(column 2), and the net loss reduction (column 3) aregiven in thousands of dollars. By applying remedialmeasure J to threat A at a cost of ,000, a loss reductionof ,000 can be expected (a net saving of
||content||
1,000).Furthermore, remedial measure J will reduce the threatB loss by ,000 at no additional cost and the threat Closs by ,000 at an added cost of only
||content||
,000. Finally,though, it appears that it would cost more than it wouldsave to apply J to threat D. Therefore, J would not beimplemented for D. The net loss reduction from J couldbe expressed as:The table indicates that J and K have the same reductioneffect on threat A. Since K costs more than J, it might,at first glance, be rejected. However,andTherefore, while J and K are equally effective on threatA, K appears to be more effective than J on the otherthreats. Further checking shows their combined useresults in the greatest overall net loss reduction.By going through the process just described, usingpreliminary estimates for cost and loss reduction, youcan test various combinations of remedial measures,and thus identify the subset of remedial measures thatappears to be the most effective. At this point, reviewthe estimates and refine them as necessary to ensurecompliance with higher authority security instructions.If all the preceding procedures are followed, thefollowing factors will be established and documented:l The significant threats and their probabilities ofoccurrence;l The critical tasks and the loss of potential relatedto each threat on an annual basis;l A list of remedial measures that will yield thegreatest net reduction in losses, together withtheir annual cost.With this information at hand, AIS uppermanagement can move ahead with implementing theAIS security program. Since the analysis of remedialmeasures will have identified those with the greatestimpact, relative priorities for implementation can alsobe established.AIS DISASTER PROTECTIONFires, floods, windstorms, and earthquakes all tendto have the same basic effects on AIS operations. Theycause the physical destruction of the facility and itscontents and interrupt normal operations. They alsorepresent a threat to the life and safety of the AIS staff.To illustrate the effects of the physical destruction of afacility, we have selected fire safety. Other causes ofdisasters include the loss of support utilities andbreaches of AIS facility physical security.FIRE SAFETYExperience over the last two decades demonstratesthe sensitivity of AIS facilities to fire damage resultingin disruption of operations. A number of major lossesTable 4-4.—Threat Matrix Table4-18