Risk Analysis is a practice used to identify and assess factors that may jeopardize the success of a project or achieving a goal. Security Risk Analysis or Risk Assessment could be Quantitative and Qualitative
Quantitative risk analysis is based on potential loss multiplying by probability. Qualitative risk analysis is based on analysis of interrelated elements: Threats, Vulnerabilities and Controls (countermeasures for vulnerabilities)