From the course: IT and Cybersecurity Risk Management Essential Training
Join today to access over 24,900 courses taught by industry experts.
Quantitative vs. qualitative risk assessments
From the course: IT and Cybersecurity Risk Management Essential Training
Quantitative vs. qualitative risk assessments
- [Instructor] There are two major approaches to doing a risk assessment. There's quantitative or qualitative. This topic can spark a lot of heated conversation, so if you haven't already experienced that, be ready. You may be in a position to choose whichever approach makes the most sense. In this lesson I'm going to help you understand which approach to choose based on your situation. First, let's look at the quantitative approach. This approach will be very data-driven, and will use probability estimation, statistical models, and algorithms. Using this approach you'll calculate such values as annualized rate of occurrence and annual loss expectancy. You can use whatever quantitative methods and tools you believe will do the job. A very well-regarded quantitative approach that has a large community around it is the FAIR cyber risk framework. Alternatively, you can take a qualitative approach. Now, this one is favored…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
(Locked)
IT risk management in small companies4m 18s
-
(Locked)
IT risk management in medium companies6m 23s
-
IT risk management in large companies6m 19s
-
(Locked)
Quantitative vs. qualitative risk assessments3m 33s
-
(Locked)
The role of organizational culture2m 37s
-
(Locked)
The minimum viable approach3m 33s
-
(Locked)
-
-
-