Qualitative Risk Assessment Techniques | CISM Exam Answer


Question

Which of the following risks would BEST be assessed using qualitative risk assessment techniques?

Answers

A. Theft of purchased software

B. Power outage lasting 24 hours

C. Permanent decline in customer confidence

D. Temporary loss of e-mail due to a virus attack

Explanations

C.

A permanent decline in customer confidence does not lend itself well to measurement by quantitative techniques.

Qualitative techniques are more effective in evaluating things such as customer loyalty and goodwill.

Theft of software, power outages and temporary loss of e-mail can be quantified into monetary amounts more easily than they can be assessed with qualitative techniques.

Qualitative risk assessment is a technique that assesses risks based on subjective judgments of their likelihood and impact. It typically uses descriptive scales such as high, medium, and low to categorize risks, rather than numerical values. This technique is best used when the available data is limited or when the organization is looking for a high-level view of the risks it faces.

Out of the options given, the risk that would be best assessed using qualitative risk assessment techniques is option C - Permanent decline in customer confidence. This risk involves a subjective measure of the impact of a potential event on customer confidence. It is difficult to quantify the actual impact of such an event, but it is important for the organization to understand the potential severity of such an impact.

Option A - Theft of purchased software, and Option D - Temporary loss of e-mail due to a virus attack, both involve the loss of assets and can be assessed using quantitative risk assessment techniques. These techniques involve using numerical values to calculate the likelihood and impact of a risk, which can be more accurate than qualitative techniques when the data is available.

Option B - Power outage lasting 24 hours, is a risk that can also be assessed using quantitative risk assessment techniques since it involves the loss of critical infrastructure. It may be important for the organization to understand the financial impact of a power outage lasting 24 hours, such as lost revenue, damage to equipment, or potential penalties for violating service-level agreements.