In this section, we show the equivalence of IriusRisk’s risk ratings with numeric values.

IriusRisk uses a range of options to describe the characteristics of a threat in terms of confidentiality, integrity, availability, and ease of exploitation, and also to measure how big is the business impact of a weakness. This range translates to the following equivalence to perform risk calculations:

Risk Rating (R) for Threats |
Numeric Equivalence |

Very Low | R = 0 |

Low | 0 < R <= 25 |

Medium | 25 < R <= 50 |

High | 50 < R <= 75 |

Critical | 75 < R <= 100 |

## Comments

0 comments

Article is closed for comments.