CISSP Certification

CISSP certification: Risk Analysis terms.

Qualitative vs. Quantitative Risk Analysis.

  • For any Risk analysis we need to identify our assets. What are we protecting?
    • Qualitative Risk Analysis – How likely is it to happen and how bad is it if it happens? This is vague, guessing, a feeling and relatively quick to do. Most often done to know where to focus the Quantitative Risk Analysis.
    • Quantitative Risk Analysis – What will it actually cost us in $? This is fact based analysis, Total $ value of asset, math is involved.
      • Threat – A potentially harmful incident (Tsunami, Earthquake, Virus, … )
      • Vulnerability – A weakness that can allow the Threat to do harm. Having a Data Center in the Tsunami flood area, not Earthquake resistant, not applying patches and anti virus, …
      • Risk = Threat x Vulnerability.
      • Impact – Can at times be added to give a more full picture. Risk = Threat x Vulnerability x Impact (How bad is it?).
      • Total Risk = Threat x Vulnerability x Asset Value.
      • Residual Risk = Total Risk – Countermeasures.
Thor Pedersen

IT, information security, and project management trainer Best selling CISSP. CISM, and PMP instructor on Udemy. CISSP, CISM, C|EH, CDPSE, PMP, 2x CCNP, CompTIA Security+, SCP, 3x CCNA, et. Al.

Recent Posts

The Thor’s Flashcards are LIVE!

After many many months of working, our 2,500 CISSP, CISM, and CC Flashcards are finally…

1 week ago

Lifetime Access on ThorTeaches.com

We have done it! Lifetime Access is LIVE on ThorTeaches.com. You can now get lifetime…

1 week ago

The Thorbots (Chatbots) on our CISSP, CISM, and CC courses are now better!

Today I tweaked the Thorbots (Chatbots) on the CISSP, CISM, and CC courses on ThorTeaches.com…

2 weeks ago

Introducing the NEW “Thor’s CISSP Quick Sheets”.

Streamline your review sessions, maximize your retention! We know you're busy, and that's why we've…

3 weeks ago

Thor’s 2,500-word FREE glossary is LIVE!

Zero cost, pure knowledge. Our 2500-word IT and cybersecurity glossary is yours to use, absolutely…

3 weeks ago

🎯Reach your certification goals in 2024 Sale!

Get a head start on your 2024 CISSP, CISM, and CC certification goals with our…

1 month ago