Qualitative Risk Analysis

Qualitative risk analysis is a technique that can be used to determine the level of protection required for applications, systems, facilities and other enterprise assets. It is a systematic examination of assets, threats, and vulnerabilities that establishes the probabilities of threats occurring, the cost of losses if they do occur, and the value of the safeguards or countermeasures designed to reduce the threats and vulnerabilities to an acceptable level. The qualitative methodology attempts only to prioritize the various risk elements in subjective terms.