Mr. Indecisive is assigned responsibility for creating the initial draft of the Risk Assessment. When
Mr. Newbie is assigned to help with prioritization of the threats identified in the Risk Assessment. Each potential threat is already listed, along with its likelihood and severity rating. In order to create a priority list and order the threats correctly, what should Mr. Newbie do?
Explanation
Answer: C - In order to obtain the relative weight of each potential threat to the company, the likelihood rating and the severity rating need to be multiplied together. After that, the list of threats can be organized by relative weight.
To incorporate both the likelihood and severity ratings, you need to multiply the two ratings together. If there are additional factors that the risks were rated on, these should also be multiplied together as well. The relative weight rating can then be used to prioritize the potential threats. Once a final priority list has been created, review the list to make sure that it makes sense and that there are no anomalies or miscalculations on the list.
