Definition

residual risk

Contributor(s): Fran Sales

Residual risk is the threat that remains after all efforts to identify and eliminate risk have been made.

There are four basic ways of dealing with risk: reduce it, avoid it, accept it or transfer it. Since residual risk is unknown, many organizations choose to either accept residual risk or transfer it -- for example, by purchasing insurance to transfer the risk to an insurance company.

When addressing residual risk, organizations should:

Identify relevant governance, risk and compliance (GRC) requirements.
Determine the organization's control framework's strengths and weaknesses.
Acknowledge existing risks.
Define the organization's risk appetite.
Identify available options for offsetting unacceptable residual risks.

This was last updated in April 2014

Continue Reading About residual risk

Review five steps to identifying residual risk in the risk assessment process

Learn the operational and compliance risks associated with outsourcing

Read this ISO27k FAQ for common questions regarding risk assessment and management

Watch this video on how to be more proactive in your risk assessments

Check out the Information Security Handbook's residual risk formula

Dig Deeper on Risk management and compliance

SearchCIO

Leaders discuss challenges, strategies for women in IT

Women in tech still face challenges, including finding opportunities for advancement and management support. A recent panel of ...

14 tips for CIOs managing shadow IT activities

As the advent of cloud technology has made it easier to launch shadow IT, CIOs must be increasingly diligent to identify and ...

Top 2020 IT priorities hold fast amid COVID-19; spending takes hit

The biggest IT spending drivers from TechTarget's 2020 IT Priorities Survey remain relevant amid the COVID-19 pandemic, although ...

SearchHealthIT

Pandemic could alter healthcare CIO terrain

Harris Health System CIO David Chou talks about how COVID-19 has changed the healthcare CIO's technology strategy -- and why it ...

Surge in digital health tools to continue post-pandemic

Four healthcare leaders explain how COVID-19 will help make digital health tools mainstream.

Fallout from HIMSS20 cancellation continues

Attendees and exhibitors shared their disappointment with how the HIMSS20 cancellation was handled, including a lack of ...

SearchCloudComputing

5 ways to reduce cloud costs

Organizations need the right strategies in place to avoid cloud cost pitfalls. Stay within your budget with these cost management...

Confront cloud security challenges with these 5 tips

Security gets complicated when the cloud overlaps with other technologies, such as AI and serverless. Review these common risks, ...

10 open source cloud security tools to know

While cloud providers offer native security tools, there also are plenty of useful open source options. Here's a sample of open ...

SearchDataCenter

Pick a data center layout: Raised floors vs. overhead cabling

There's no definitive design when it comes to data center infrastructure. Cost, manageability and cooling effectiveness are all ...

Traditional vs. converged vs. hyper-converged infrastructure setups

HCI clusters, converged infrastructure and rack servers all offer benefits for a data center. Still, figuring out which is easier...

IBM layoffs target services, marketing employees

IBM layoffs under newly appointed CEO Arvind Krishna largely affect its Global Technology Services and marketing groups.

SearchDataManagement

Big data security management embraces governance, privacy

Cyberattacks, GDPR and CCPA compliance, and COVID-19 present serious security and privacy challenges for managers tasked with ...

GDPR, CCPA, cloud drive security management tool makeovers

As data protection and privacy laws like GDPR and CCPA take hold, data managers refine governance practices, while vendors ...

Improving enterprise data governance with data trust

Talend users from Covanta and AutoZone provide insight into data management challenges amid growing data complexity at the Talend...

SearchSecurity

Cisco servers breached through SaltStack vulnerabilities

Threat actors exploited critical SaltStack flaws, which were disclosed and patched last month, in a Cisco product to breach ...

How security testing could change after COVID-19

As companies look to bring employees back into the office, security teams must consider how to handle security testing due to ...

Guide to preventing coronavirus phishing and ransomware

Malicious actors are taking advantage of coronavirus fears to wreak havoc on cybersecurity. Check out our guide to learn about ...

residual risk

Continue Reading About residual risk

Dig Deeper on Risk management and compliance

5 steps to determine residual risk during the assessment process

pure risk (absolute risk)

Acquiring cybersecurity insurance: Why collaboration is key

Singapore university taps Verizon’s cyber security knowhow

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCIO

Leaders discuss challenges, strategies for women in IT

14 tips for CIOs managing shadow IT activities

Top 2020 IT priorities hold fast amid COVID-19; spending takes hit

SearchHealthIT

Pandemic could alter healthcare CIO terrain

Surge in digital health tools to continue post-pandemic

Fallout from HIMSS20 cancellation continues

SearchCloudComputing

5 ways to reduce cloud costs

Confront cloud security challenges with these 5 tips

10 open source cloud security tools to know

SearchDataCenter

Pick a data center layout: Raised floors vs. overhead cabling

Traditional vs. converged vs. hyper-converged infrastructure setups

IBM layoffs target services, marketing employees

SearchDataManagement

Big data security management embraces governance, privacy

GDPR, CCPA, cloud drive security management tool makeovers

Improving enterprise data governance with data trust

SearchSecurity

Cisco servers breached through SaltStack vulnerabilities

How security testing could change after COVID-19

Guide to preventing coronavirus phishing and ransomware

Continue Reading About residual risk

Related Terms

Dig Deeper on Risk management and compliance

5 steps to determine residual risk during the assessment process

pure risk (absolute risk)

Acquiring cybersecurity insurance: Why collaboration is key

Singapore university taps Verizon’s cyber security knowhow

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.

File Extensions and File Formats