Compare/contrast qualitative and quantitative assessments.

Based on your experience, provide examples of each.

Determine which approach is best to assess IT risk.

Be sure to include your rationale.