Inherent risk: Inherent risk refers to the exposure to potential negative outcomes in any activity or process that is present before any mitigating controls or actions are applied. It’s essential in risk management to assess the raw exposure to threats in order to effectively plan for risk reduction measures. Examples include the inherent risk of data breaches due to system vulnerabilities or the inherent risk of investment loss due to market volatility.
Categories: CC D1: Security Principles | CCSP D6: Legal - Risk and Compliance | CISM D2: Information security risk management | CISSP D1: Security and Risk Management | Security+ D5: Security Program Management and Oversight | SSCP D3: Risk Identification Monitoring and Analysis
« Back to Glossary Index