Justify security project investments in terms of business and adequate to the budgets.
To know the risk evolution expected applying of the action plan. The simulation of results in the short, medium and long term, allows the organization to make correct decisions regarding the risk.
To adapt the organization to regulations and legal dispositions.
From the Risk Impact reports, it is possible to know the risk values propagated in the Products, Business Processes and IT assets.