To quantify the risk associated with an asset, the system uses different metrics according to the type of information you want to analyze. These include: PSR, Risk Index, Security Index, Gap Index, and the Control Index. Each of these metrics will be explained in this section. They are essential for understanding the results of risk projects and risk queries.
Note that vulnerabilities use the Risk Score, a metric specifically designed to measure the risk associated with vulnerabilities identified by external scanners. For details on this metric and how to customize it, see Chapter 17: Administration -> Customizations -> Risk Score.