Total Risk

From FISMApedia
Jump to: navigation, search

NIST SP 800-16

The potential for the occurrence of an adverse event if no mitigating action is taken (i.e., the potential for any applicable threat to exploit a system vulnerability). (See Acceptable Risk, Residual Risk, and Minimum Level of Protection.)