Based on scenario 4, the fact that TradeB defined the level of risk based on three nonnumerical categories indicates that:
Based on scenario 4, the fact that TradeB defined the level of risk based on three nonnumerical categories indicates that:
A. The level of risk will be evaluated against qualitative criteria Based on the definition of Qualitative (quality - subjective - from observations ) & Quantitative (numerical data ) "After establishing criteria for assessing consequences and likelihoods of information security risks the organisation should also establish a method for combining them in order to determine a level of risk. Consequences and likelihoods may be expressed in a qualitative, quantitative or semi quantitative manner