Computer technologies and software are an integral part of virtually every business operating today. Consistent and reliable functionality of software used by companies is one aspect to maintaining a successful business. However, computer software is rarely without flaw. Each piece of software, hardware, and the like is prone to malfunction. A determination of the risk or vulnerability associated with the computer technology is helpful in determining which software to implement, which to eliminate, and the like.
In current business organizations, risk associated with software is subjectively determined by an individual assessing one or more computer technologies. This risk assessment process is not only time-consuming and inefficient, it also leaves a considerable amount of variability between assessments since each individual making the assessment uses different criteria, different weighting assignments, and the like. Accordingly, it is difficult to compare risk associated with computer technologies for which risk assessments have been made by different individuals. An objective system and method for assessing risk would thus be advantageous.