The next step using the risk assessment template for ISO 27001 is to quantify the probability and business impact of potential threats as follows: Frequency with which the threat could take ...