This message was posted by a user wishing to remain anonymous
Hello TPRM community,
Background: I work for a community Bank.
I am curious as to how much weight do you put on your risk categories when conducting your risk assessment within venminder or any other tool, and why?
For example, we place 20% weight for Operational, Cyber and Business continuity categories. However, we don't particularly have a good rationale.
How does everybody else decide?
Thanks, and Happy New Year to everybody.