inherent risk

Contributor(s): Francesca Sales

Inherent risk is a category of threat that arises from the organization's human activity or physical environment. 

There are four basic ways of dealing with risk: reduce it, avoid it, accept it or transfer it. Inherent risk, which addresses the possibility that some human mistake or natural event will adversely affect an organization's assets, cannot be avoided or transferred away. If controls are not introduced to reduce inherent risk, it must be accepted. 

See also: pure risk, systemic risk, speculative risk, residual risk

This was last updated in May 2014

Dig Deeper on Risk management and compliance

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.


File Extensions and File Formats

Powered by:





  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...