Answer:
c. risk assessment factors
Explanation:
Risk is the likelihood of the occurrence of a vulnerability multiplied by the value of the information asset minus the percentage of risk mitigated by current controls plus the uncertainty of current knowledge of the vulnerability,
The process of evaluating the relative risks of each vulnerability in an organization is known as risk assessment. Risk assessment is done by assigning a risk score or rating to each information asset thereby making it possible to determine the relative risks of each information asset.