Industrial Cybersecurity & OT Risk worked example
Legacy OS Risk Score with legacy os business impact rating of 4.5 score: a worked example
Suppose legacy os business impact rating falls to 4.5 score. This page works the full calculation at that level so you can see exactly which result moves and by how much. Rank risk from legacy operating systems in OT using impact, exposure, and compensating control weakness.
The inputs for this scenario
- Legacy OS business impact rating: 4.5 score (the input this scenario stresses; the baseline uses 9)
- Legacy OS network exposure rating: 6 score (held at the documented default)
- Compensating control weakness rating: 5 score (held at the documented default)
Working through the calculation
- The calculation starts from the formula this tool documents: Legacy OS risk score = legacy OS impact score × legacy OS exposure score × compensating control weakness score.
- Legacy OS risk score works out to 5.15 score at these inputs, and this is the headline figure for the scenario.
- Legacy OS impact score works out to 4.5 score at these inputs.
- Legacy OS exposure score works out to 6 score at these inputs.
- Compensating control weakness score works out to 5 score at these inputs.
How this compares with the baseline
- Against the tool's baseline example, where legacy os business impact rating sits at 9 score and the headline result is 6.95 score, this scenario comes in 25.9% below the baseline at 5.15 score.
- It multiplies three ratings — legacy OS impact, network exposure and compensating-control weakness — into a single comparative risk score for an unsupported OT asset. When the numbers land here, the stressed input is the lever to work; the walkthrough above shows exactly how much each output recovers as it climbs back toward the baseline.
Results at a glance
- Legacy OS risk score: 5.15 score (headline result)
- Legacy OS impact score: 4.5 score
- Legacy OS exposure score: 6 score
- Compensating control weakness score: 5 score
Run it with your numbers
- To rerun this with your own numbers, open the live Legacy OS Risk Score calculator, set legacy os business impact rating to your actual value, and adjust the remaining inputs to match your operation.
Last reviewed 2026-05-12.