Types of Risk Assessment

  1. Qualitative
    • The financial officer’s estimate that password scanning attacks are highly probable.
    • The IT manager’s opinion on what impact a flood would have on the server room.
  2. Quantitative
    • The cost to the company for being offline for one day / it’s servers being offline for one day.
    • The expected, total number of DDoS attacks per year