From the course: CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Quantitative risk assessment

Quantitative risk assessment

From the course: CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment

Start my 1-month free trial

Quantitative risk assessment

- [Instructor] When we're able to gather quantitative data about our assets and risks, we can use that information to make data informed decisions about risk. This process of using numeric data to assist in risk decisions is known as a quantitative risk assessment. Security professionals performing a quantitative risk assessment do so for a single risk asset pairing at a time. For example, they might conduct an assessment based upon the risk of flooding to a data center facility. As they conduct their assessment, they must determine the values for several variables. The first of these values is the asset value, or AV. This is quite simply the estimated value in dollars of the asset. Risk assessors determining an asset's value have several options at their disposal. The original cost technique simply looks at the invoices from an asset purchase, and uses the purchase prices to determine the asset value. This is the easiest…

Contents