Semi-Quantitative Risk Assessment
A semi-quantitative risk assessment is a type of risk assessment that combines elements of both quantitative and qualitative risk assessments. In a semi-quantitative risk assessment, some aspects of the risk assessment are quantified using mathematical and statistical methods, while other elements are evaluated using subjective judgments and expert opinions.
For example, the likelihood of a risk occurring may be estimated using statistical models, while the potential impact of the risk may be evaluated based on expert opinions. The results of a semi-quantitative risk assessment are typically presented as a risk register or matrix, which can inform decision-making and guide the development of a risk management plan. Semi-quantitative risk assessments are often used when the information available for a quantitative risk assessment is limited or uncertain.
View Drata Glossary
Learn more about other compliance and cybersecurity concepts in our glossary.