When there’s insufficient data, the Desktop Software and Mobile Software risk vectors are assigned a default grade. Either:
- There are no findings.
- The estimated number of users falls below a minimum threshold. To avoid sudden fluctuations, the risk vector is reassigned an A to F grade when the estimated number of users has stayed above the threshold for 65 days.
The threshold is determined as follows:
- The estimated number of users is less than 5, or
- The estimated number of users is less than 100 and less than the number of employees divided by 1,000.
Examples
Number of Employees | Threshold (Estimated Users) |
---|---|
1,000 | Less than 5 |
5,000 | Less than 5 |
20,000 | Less than 20 |
100,000 | Less than 100 |
200,000 | Less than 100 |
- March 20, 2024: Published.
Feedback
0 comments
Please sign in to leave a comment.