Qualitative and quantitative risk assessments
Assign topic to the user
ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY
Define main rules for risk assessment and treatment.
Get it now 
ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY
Define main rules for risk assessment and treatment.
Get it now
ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY
Define main rules for risk assessment and treatment.
Get it now
Answer: Qualitative risk assessment focuses on interested parties perceptions about risks, expressing risk in terms of scales like “low – medium – high” or “1 – 2 – 3”, while quantitative risk assessment focuses on factual and measurable data, normally expressing risk values in monetary terms.
This article will provide you further explanation about qualitative and quantitative risk assessments:
- Qualitative vs. quantitative risk assessments in information security: Differences and similarities https://advisera.com/27001academy/blog/2017/03/06/qualitative-vs-quantitative-risk-assessments-in-information-security/
These materials will also help you regarding qualitative and quantitative risk assessments:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Aug 17, 2017