Discover whether your risk appetite is in sync with your organization's acceptable level of risk. Define the likelihood of an incident and its impact on your organization, then select your response.
Here's how it works: An incident is assigned a risk score by multiplying the impact and likelihood scores. Ranges of risk scores are then associated with different levels of management attention. This is a hypothetical example. Organizations develop personalized risk scoring criteria and escalation activities based on the elements and performance measures required to meet key stakeholder demands.