Risk

Risk

Feb 12, 2019

In general terms, Risk is the likelihood that unplanned events will occur and impact the achievement of strategy and business objectives. Risk is commonly presented qualitatively and/or quantitatively. Risk is a measure of the combination of the extent to which an entity is threatened by a potential circumstance or event on organizational operations (including mission, functions, or reputation), organizational assets, or individuals resulting from the operation of an information system given the potential impact of a threat; and the likelihood of that threat occurring. COSO 2017 page 110.A measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of the level of impact on organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals resulting from the operation of an information system given the potential impact of a threat; and the likelihood of that threat occurring.

Retrieved and adapted from NIST SP 800-53 Rev. 4 under Risk and FIPS 200 under RISK (2018). https://csrc.nist.gov/glossary/term/risk

Sub Topics