Yes a product although the term "two axes" works as well. It's a pretty common way of quantifying "risk" into something that you can tabulate and form a todo list. You list your risks and give each one a score from 0-9 that is made up of "chance of happening" x "business impact or importance or whatever". You could score either as zero as well which will obviously cause the total score to be zero.
I'll be changing our Risk Reg soon to become a Risks and Opportunities Register after a discussion in our last ISO 9001 audit. Not sure how the scoring scheme will work for that yet.
This may look like a bit of a silly pseudo formal exercise but it really does help with decision making. There's nothing wrong with bending the scores either, if you are open about it. It is simply a way of prioritising a list of things to do in the end.
I have to be a PHB sometimes as well as a sysadmin 8)