An 'Ad Hoc' risk assessment is performed as required, without a regular schedule, often in response to significant changes or new threats to an organization's environment. It contrasts with recurring or continuous assessments that happen at regular intervals or constantly, respectively. A 'Qualitative' risk assessment refers to the process that prioritizes risks based on their severity and impact, rather than their frequency or timing.