SecPlusTrainer / Glossary / What is quantitative risk assessment?
D1 · General

What is quantitative risk assessment?

Quantitative risk expresses risk in financial terms. Formulas: AV (Asset Value) × EF (Exposure Factor) = SLE (Single Loss Expectancy). SLE × ARO (Annual Rate of Occurrence) = ALE (Annualized Loss Expectancy).
ALE is used to justify security investments: control cost < ALE reduction = economically justified. Qualitative risk uses categories (High/Medium/Low). Quantitative is more precise but requires data. Most organizations use a combination. Exam: know ALE = SLE × ARO.

Related Terms

What is an access token in security? What is an account lockout policy? What is Active Directory (AD)? What is Active Directory Certificate Services (AD CS)?
← Back to Glossary Practice Questions →