The ThorTeaches CISSP, CISM, and CC blog!

Get certification updates, tips, tricks, sales, and much more!

Qualitative Risk Analysis – How likely is it to happen and how bad is it if it happens? This is vague, guessing, a feeling and relatively quick to do. Most often done to know where to focus the Quantitative Risk Analysis.
- Qualitative Risk Analysis with the Risk Analysis Matrix.
  - Pick an asset: A laptop.
  - How likely is one to get stolen or left somewhere?
    I would think Possible or Likely.
  - How bad is it if it happens?
    That really depends on a couple of things:
  - Is it encrypted?
  - Does it contain Classified or PII/PHI content?
  - Let’s say it is Likely and a Minor issue, that puts the loss the High Risk category.
  - It is normal to move High and Extreme on to Quantitative risk analysis. If mitigation is implemented, we can maybe move the risk level to “Low” or “Medium”.

34 hours of CISSP videos
5,000+ CISSP questions
A 300-page CISSP study guide
120-page quick sheets
CISSP Mnemonics
A CISSP study plan
A 2,500-page CISSP Glossary
The 24/7 CISSP ThorBot (chatbot)
2,500 CISSP Flashcards
Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
Lifetime or 12-months access

32 hours of CISM videos
900 CISM questions
A 200-page CISM study guide
CISM Mnemonics
A CISM study plan
A 2,500-page CISM Glossary
The 24/7 CISM ThorBot (chatbot)
2,500 CISM Flashcards
Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
Lifetime or 12-months access

17 hours of CC videos
1,700+ CC questions
A 120-page CC study guide
CC Mnemonics
A CC study plan
A 2,500-page CC Glossary
The 24/7 CC ThorBot (chatbot)
2,500 CC Flashcards
Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
Lifetime or 12-months access