# IT:AD:Risk Asessment #
* [[../|(UP)]]
{{indexmenu>.#2|nsort tsort}}
## Notes ##
* Assess -> Respond -> Monitor
* Qualitative (High/Medium/Low) v. Quantitive (number based) Assessments
* Business are more Quantitative Numbers.
* Single Loss Expectancy (SLE)
* Annulized Rate of Occurance (ARO)
* Annulised Losss of Of Expectancy (ALE)
## Risk Assessment
Likelihood (1-5) versus Consequences (1-5)
Likelihood (Rare|Unlikely|Moderate|Likely|Almost Certain)
Consequences (INsignificant|Minor|Sig|Major|Severe)
Low to High..
* ISO-30000-1209
RISKS can be:
* Eliminated, Substituted, Controlled (isolation and guarding), Administered (training/work scheduling), Personal Protective Equipement (PPE).
* CCSB: Accept, Avoid, Mitigate, Transfer the risk.