The best value to a company can vary. I believe each product or system has its own set of benefits. One system is popular to buy and therefore lost income would hurt the company as the time to fix or replace the system can hurt a company greatly in products, but for a system that is used daily and not sold, it can hurt just as much. Each system and product has its own set of values and therefore a risk assessment should be constantly analyzed whether monthly or yearly to determine these factors. An asset is not only defined by a system or product, but the organization itself and the people involved. Determining if a company should give a raise or be prepared to let that employee go if given an ultimatum is another value itself. If a member provides a great work ethic and therefore creates more profit a raise would be a better cost than them leaving a having to hire and train another employee. I believe there is not always one answer to which is better and all are circumstantial in which an accurate risk assessment will guide.
The link provided gives a great example of determining such things and how to prioritize asset values. A vulnerability that poses no threat or harm to profits will be given a low rating and the value will then be determined if a priority is low then replacing will be the best option if determined. A low priority does not mean it is not needed, but means it will not directly harm critical daily functions. Due to this information, a vulnerability may still need protecting, but not a priority to where the lost income will be a great factor.
I urge others to read this article as I believe it has some great information.
Resources:
Risk management for DOD Security Programs Student Guide – DCSA CDSE. Center for Development of Security Excellence. (n.d.). https://www.cdse.edu/Portals/124/Documents/student-guides/GS102-guide.pdf