Qualitative Risk Assessment Probability: The likelihood that a threat will exploit a vulnerability. Probability can use a scale of low, medium, and high, assigning percentage values to each. Impact: The negative result if a risk occurs. You can use low, medium, or high to describe the impact. You can calculate the risk level using the following formula: Risk Level - Probability X Impact Scenario 2: Richman Investments is concerned about the security of its customer data Management has determined that the three primary risks the company faces in protecting the data are as follows: Unauthorized access by an internal party Sabotage by a contract employee Software failures Richman has created scales for the probability and impact of risks as follows: Probability: Low = 10%. Medium = 50%, and High = 100% Impact: Low = 10, Medium = 50, and High = 100 After surveying key individuals in the company, Richman calculated the probability and impact of each risk, as shown in the table below. Based on the information given above, calculate the risk level for each risk: Remember, although probability is given as a whole number, given that it is a probability, it must be calculated as a percent. If you do not perform the calculation using probability as a percent, no credit. Risk Level - MUST be entered as a number Probability Impact (NOT Low, Medium, or High). NOT as a percentage. A number. Unauthorized access by an internal party 35 40 Sabotage by a contract employee 60 80 Software failures 30 70 Category Prioritize the risks from high to low: Priority 1 Priority 2 Priority 3 Present the data graphically to senior management in the form of a risk matrix. A sample risk matrix is shown below: High Impact Value -100 Low Probably High Impact High Probability High Impact Do Art Viet Deng Loos of us to FF Low Pris Hgn Probably Value - 100 LORD Go to Low Probably Low impact Low impact Value High Probability Low Impact Complete the following risk matrix based on your data: Place the letters that correspond to the categories in the table as best as possible. JUST THE LETTERS, not the lengthy description of the category. Also - do not give the letters as numbers, such as 1, 2, or 3. USE THE LETTERS BELOW. Any deviation from this, and your answer will graded as a zero. X = Unauthorized Access by Internal Party Y - Sabotage by Contract Party Z = Software Failures Probability is left to right, 0 to 100, on the X axis: Impact is bottom to top, 0 to 100, on the Yaxis