Reply to post: Re: The logical next step is the two-dimensional risk rating approach

We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

AMBxx Silver badge

Re: The logical next step is the two-dimensional risk rating approach

What tends to happen is that someone comes up with a clever multi-factor way to score the problems. For simplicity, that's then boiled down to a 100 point score. Then the fact that there's no difference between a score of 90 and 91 means it's boiled down to a 10 point score!

Then the 10 point score is considered too simplistic so we have a number after the decimal point...
