inherent risk

Inherent risk is a category of threat that describes potential losses or pitfalls that exist before internal security controls or mitigating factors are implemented.

Inherent risk is a category of threat that arises from the organization's human activity or physical environment. 

There are four basic ways of dealing with risk: reduce it, avoid it, accept it or transfer it. Inherent risk, which addresses the possibility that some human mistake or natural event will adversely affect an organization's assets, cannot be avoided or transferred away. If controls are not introduced to reduce inherent risk, it must be accepted. 

See also: pure risk, systemic risk, speculative risk, residual risk

This was first published in May 2014

Glossary

'inherent risk' is part of the:

View All Definitions

Dig deeper on Risk management and compliance

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCIO

SearchHealthIT

SearchCloudComputing

SearchDataCenter

SearchDataManagement

SearchSecurity

Close