Be the first to like this
Traditional Risk Assessments use "heat maps", or risk matrices, to develop rankings, leading to decision making on projects, operations. Risks are ranked from larger to lower, sometimes splitting them into three or more classes of criticality.
Those approaches may be complaint with ISO31000, ONR49000, COSO, but they are not the best you can do!
As we will show in this paper, they actually lack in focus and transparency. Ingenious methods allow to reuse those data, however, and make far better decisions based on rational and sustainable rankings.