Risk Severity Ratings

the following definitions for severity ratings are used throughout hexiosec asm low this level indicates that the risk is minor and can be handled through regular, established procedures it doesn't pose a significant threat but should still be monitored medium a medium level risk suggests a more substantial concern that may require additional controls or mitigations beyond routine procedures it signals the need for a proactive response high a high level risk indicates a significant threat that demands attention it suggests that the risk is significant enough to warrant a focused effort to address and mitigate it effectively critical this is the highest level of risk, emphasising the severity and the need for immediate attention and action critical risks require swift and decisive measures to prevent or minimise potential damage to systems, reputation, or loss of data