What is the process of scoring risks by their likelihood and their impact?

  • quantitative risk analysis
  • qualitative risk analysis
  • business impact analysis
  • disaster recovery

When scoring is used to rate risks by likelihood and impact, it is called qualitative risk analysis. Qualitative risk analysis does not assign monetary values. It is simply a subjective report, compiled by the risk analysis team, that describes the threats, countermeasures, and likelihood that an event will occur.

Quantitative risk analysis attempts to attach dollar figures to potential risk outcomes. It attempts to predict the likelihood that a threat will occur and assigns a monetary value in the event that a loss occurs. The likelihood of risk occurrence is usually based on subject matter expert opinion and rankings from statistical data.

A business impact analysis (BIA) focuses on critical business systems and the impact if they are lost to an outage. A BIA is created to identify the company’s vital functions and prioritize them based on need. It identifies vulnerabilities and threats and calculates the associated risks.

A disaster recovery plan is a short-term plan that is implemented when a large disaster event occurs. The plan is created to ensure that your company can resume operations in a timely manner. It mainly focuses on alternative procedures for processing transactions in the short term. It is carried out when the emergency occurs and immediately following the emergency.

Objective: Security Concepts
Sub-Objective: Describe these security terms: Principle of least privilege, Risk scoring/risk weighting, Risk reduction, Risk assessment

