A global enterprise is formalizing its risk assessment methodology to support periodic reporting to the board. The CISO wants the process to yield repeatable, objective figures, such as predictable dollar values, that allow risks in one division to be compared directly with those in another and trends to be observed over successive quarters. Which risk-assessment approach BEST delivers these capabilities?
Quantitative risk assessment applies numerical data and statistical models, such as single-loss expectancy (SLE), annualized loss expectancy (ALE), and return on security investment (ROSI), to assign measurable values to likelihood and impact. Because the outputs are expressed as concrete numbers, they can be trended over time or compared across organizational units.
Qualitative risk assessment relies on subjective categories (for example, high, medium, or low), so its results are less repeatable. Hybrid methods mix numeric and descriptive techniques, only partly meeting the requirement for objective metrics. Residual risk assessment evaluates the risk remaining after controls are applied; it is not a standalone method for initial, cross-unit comparisons.
ISC2 CISSP
Security and Risk Management