Video Description

This lesson will explain the difference between qualitative and quantitative risk analysis and the benefits of each analysis method. Qualitative analysis:

  • The subjective analysis to help prioritize probability and impact of risk events
  • May use the Delphi technique to solicit objective opinions

Quantitative analysis: - Provides a dollar value to a particular risk event

  • Is much more sophisticated in nature, a quantitative analysis is much more difficult and requires a special skill set
  • Business decisions are made on a quantitative analysis
  • A quantitative analysis can't exist on its own. A quantitative analysis depends on qualitative information

Furthermore, a qualitative analysis is subjective in nature and uses words such as; "high" "medium" and "low" to describe the likelihood and severity of a threat exposing a vulnerability. A quantitative analysis will require much more experience than a qualitative analysis. In addition a quantitative analysis will: - Involve more calculations to determine a dollar value associated with each risk event

  • Business decisions will be made on the basis of quantitative analysis
  • The goal of this analysis will be to determine the dollar value of a risk and use that amount to determine what the best control for a particular asset is

A quantitative analysis is necessary for a cost/benefit analysis

Course Modules