I find very surprising how popular it is to rate vulnerabilities, threats or risks using the High-Medium-Low scale or derivatives.
In practice is notoriously inefficient and a wast of time, as it only feeds the Chewbacca defense.
It does not promote either communication collaboration.
The Chewbacca Defense at SouthPark
The Original Chewbacca Defense
If you liked this article, consider taking advanced ISMS training online via Udemy