This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Losing sellable products

Jump to: navigation, search

This is a Business Impact. To view all business impact, please see the Business Impact page.

Last revision (mm/dd/yy): 06/24/2008


The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services.

Risk Factors

  • Irate customers
  • Sellable equipment, services and/or features missing from applications
  • Network and application failures frustrates both users and customers
  • Profits decrease for the company
  • Legal action occurs
  • Fraudulent users unlawfully use customer data to send devices to an authorized location


Decrease in Revenue

A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).

Profits Sailing Down

Saleable equipment is missing from an application. A customer wants to purchase one of the missing items and is not able to proceed with their order. The customer gets frustrated and the sale is lost.

Related Technical Impacts

  • Loss of integrity
  • Loss of availability
  • Loss of accountability


  • OWASP Top 10 - Ruby on Rails version [1]