The MOST likely reason to use qualitative security risk assessments instead of quantitative methods is when:
A. an organization provides services instead of hard goods.
B. a security program requires independent expression of risks.
C. available data is too subjective.
D. a mature security program is in place.
A. an organization provides services instead of hard goods.
B. a security program requires independent expression of risks.
C. available data is too subjective.
D. a mature security program is in place.