inherent risk

Inherent risk is a category of threat that describes potential losses or pitfalls that exist before internal security controls or mitigating factors are implemented.

Inherent risk is a category of threat that arises from the organization's human activity or physical environment. 

There are four basic ways of dealing with risk: reduce it, avoid it, accept it or transfer it. Inherent risk, which addresses the possibility that some human mistake or natural event will adversely affect an organization's assets, cannot be avoided or transferred away. If controls are not introduced to reduce inherent risk, it must be accepted. 

See also: pure risk, systemic risk, speculative risk, residual risk

This was first published in May 2014

Dig Deeper

PRO+

Content

Find more PRO+ content and other member only offers, here.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCIO

SearchHealthIT

SearchCloudComputing

SearchDataCenter

SearchDataManagement

SearchSecurity

Close