Core Idea
Risk quantification is a discipline for making uncertainty discussable. It forces the practitioner to separate frequency, impact, confidence, assumptions, and decision usefulness. Done well, it upgrades risk conversations from coloured adjectives to explicit reasoning.
For example, a board conversation changes when a learner says, "we estimate this scenario between X and Y with low confidence because these assumptions are weak." The teaching consequence is not mathematical theatre; it is clearer uncertainty and better decisions.
Use In Teaching
Invoke this card when learners ask about FAIR, cyber risk quantification, heat maps, board reporting, or security investment decisions. It should push them to ask what decision the number is meant to improve.
Use it when learners reach for precision too quickly or dismiss numbers entirely. The session should focus on decision usefulness: what range would change a budget, remediation priority, insurance choice, or executive conversation? Quantification earns its place only when it improves a decision.
A reviewer should check that Risk Quantification leaves the learner with one artefact to inspect, one assumption to test, and one behaviour to observe in their local context. That keeps the concept practical instead of turning it into vocabulary.
Contrast
This is not fake precision. It pushes back against multiplying ordinal scores and calling the result quantitative. A number without a decision, range, or assumption trail is just theatre with decimals.
Practice Prompt
What decision would improve if one of your top risks moved from red/yellow/green to a quantified range with stated assumptions?