Question:
(a) What are the two major types of risk analysis?
(b) Which type is generally used in risk analysis of information systems and why?
(c) Explain the methodology for carrying out a qualitative risk assessment. Your answer should describe the 10 main steps for performing a
qualitative risk assessment and describe the activities involved at each stage.
(d) Explain how risk management is integrated into the software development lifecycle (SDLC). Your answer should explain how risks are dealt at each stage of the SDLC.