Qualitative and quantitative risk assessments
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer: Qualitative risk assessment focuses on interested parties perceptions about risks, expressing risk in terms of scales like “low – medium – high” or “1 – 2 – 3”, while quantitative risk assessment focuses on factual and measurable data, normally expressing risk values in monetary terms.
This article will provide you further explanation about qualitative and quantitative risk assessments:
- Qualitative vs. quantitative risk assessments in information security: Differences and similarities https://advisera.com/27001academy/blog/2017/03/06/qualitative-vs-quantitative-risk-assessments-in-information-security/
These materials will also help you regarding qualitative and quantitative risk assessments:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Aug 17, 2017