Qualitative Risk Analysis
Assessing risks based on their potential impact and the likelihood of their occurrence
Subjective and relies on the expertise and experience of the project team and stakeholders
Risk Register
Quantitative Risk Analysis
Method of evaluating risk that uses numerical measurements
Used for critical asset and risks that have high likelihood of occuring
Asset Value (AV)
The cost of an asset
Asset includes Tangible and Intangible objects
Exposure Factor (EF)
Proportion of an asset that is lost in an event
Represented as a percentage between 0% (No Loss) and 100% (Total Loss)
Single Loss Expectancy (SLE)
Monetary value expected to be lost in a single event
SLE = AV * EF
Annualized Rate of Occurrence (ARO)
Estimated frequency with which a threat is expected to occur within a year
Annualized Loss Expectancy (ALE)
Expected annual loss from a risk
ALE = SLE * ARO
Total Cost of Ownership (TCO)
Expected annual cost from implementing the mitigation strategies