risk appetite

In risk management, risk appetite is the level of risk an organization is prepared to accept.

Risk appetite constraints are not easy to define; every organization can tolerate different levels of risk. It is important, however for the organization to establish a common understanding of risk and be prepared for the likelihood and impact of known threats. Organizations should define the maximum level of risk tolerance in each area of risk before taking action.

Download this free guide

Action Required: The California Privacy Laws Are Here

It’s not just the EU that’s putting customer data protection legislation into place – the new California privacy laws are now effective as of January 2020. Here’s what your company should know about the new data protection laws and their key differences from the EU’s GDPR before these laws get stricter and stricter.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

Organizations sometimes express their risk appetite through the creation of a risk appetite statement, a document that helps guide organizational risk management activities. The statement should be based on a review of the perspectives and concerns of all stakeholders and address the implications of current corporate strategies and practices. 

See also: risk assessment framework