"I deselected some controls to see where the residual risk would change from 0 to 1 to 2 to 3
When I deselected some controls the residual risk went from 0 to 3, nothing in between.
When I re-checked all of the controls the residual risk remained at 3.
How do I reset the value back to 0?
How do I get a residual value of 1 or 2?
Asset: Network equipment
Vulnerability: Rules for IT/communications equipment not clearly defined
Threat: Interruption of communication services
Which items to select?