Definition

risk appetite

Emily McLaughlin, Content Development Strategist

In risk management, risk appetite is the level of risk an organization is prepared to accept.

Risk appetite constraints are not easy to define; every organization can tolerate different levels of risk. It is important, however for the organization to establish a common understanding of risk and be prepared for the likelihood and impact of known threats. Organizations should define the maximum level of risk tolerance in each area of risk before taking action.

Organizations sometimes express their risk appetite through the creation of a risk appetite statement, a document that helps guide organizational risk management activities. The statement should be based on a review of the perspectives and concerns of all stakeholders and address the implications of current corporate strategies and practices.

Continue Reading About risk appetite

Free IT risk assessment template and guide

Risk management: Risk-based approach to compliance

Operational risk management strategies bridge gaps

Framework overview: Risk appetite

Syncing risk management and strategic planning

risk appetite

Continue Reading About risk appetite

Dig Deeper on Risk management and compliance

What is integrated risk management (IRM)?

5 steps to determine residual risk during the assessment process

Gartner: Expanding SOC capabilities a priority for enterprises

RM principles should guide compliance management system development

Continue Reading About risk appetite

Related Terms

Dig Deeper on Risk management and compliance

What is integrated risk management (IRM)?

5 steps to determine residual risk during the assessment process

Gartner: Expanding SOC capabilities a priority for enterprises

RM principles should guide compliance management system development