Definition

risk appetite

Contributor(s): Emily McLaughlin

In risk management, risk appetite is the level of risk an organization is prepared to accept.

Risk appetite constraints are not easy to define; every organization can tolerate different levels of risk. It is important, however for the organization to establish a common understanding of risk and be prepared for the likelihood and impact of known threats. Organizations should define the maximum level of risk tolerance in each area of risk before taking action.

Organizations sometimes express their risk appetite through the creation of a risk appetite statement, a document that helps guide organizational risk management activities. The statement should be based on a review of the perspectives and concerns of all stakeholders and address the implications of current corporate strategies and practices.

See also: risk assessment framework

This was last updated in August 2013

Continue Reading About risk appetite

Free IT risk assessment template and guide

Risk management: Risk-based approach to compliance

Operational risk management strategies bridge gaps

Framework overview: Risk appetite

Syncing risk management and strategic planning

Dig Deeper on Risk management and compliance

Start the conversation

Send me notifications when other members comment.

SearchCIO

Quantum computing challenges and opportunities

While quantum computing is still under development, IT leaders should know how they can use it today to stay on the competitive ...
COVID-19 jolts tech spending, spurs more flexible vendor terms

IT spending by companies in the early days of COVID-19 quickly turned to cost-cutting. Learn how vendors responded with new terms...
8 ways CIOs can help companies emerge strong after COVID-19

We continue to navigate the choppy waters created by the COVID-19 pandemic, but here are eight ways companies can enable digital ...

SearchHealthIT

VA CIO: COVID-19 has accelerated digital projects

In this Q&A, VA CIO James Gfrerer describes how the COVID-19 pandemic has changed his priorities for and his approach to digital ...
VA prepares for its first Cerner EHR launch

After months of delays, a sizable cost inflation and in the midst of a pandemic, the U.S. Department of Veterans Affairs is ready...
Nvidia brings federated learning to COVID-19 patient data

Researchers from 20 healthcare institutions built an AI model to predict the supplemental oxygen needs for COVID-19 patients. And...

SearchCloudComputing

Explore the tools for disaster recovery on AWS, Azure and GCP

Utilize cloud infrastructure for your disaster recovery plan. Learn about the tools and services from AWS, Google and Microsoft ...
Cloud performance testing is necessary for app migration

So, you're moving your app to the cloud. Is it ready for that? Here's how to test it to see if it will meet performance goals ...
Best practices for defining a cloud monitoring strategy

Uptime. Downtime. Security protections. There are plenty of things to watch for, so an effective cloud monitoring strategy ...

SearchDataCenter

Figure out the differences of asset management vs. CMDB

There is no shortage of software options for change management tools. Operational goals can help IT teams decide if ITAM or CMDB ...
IBM partners with HBCUs to promote quantum computing

IBM is partnering with a group of historically Black colleges and universities to set up a quantum computing center in hopes of ...
Learn SELinux commands for management and troubleshooting

SELinux provides a more secure way to run Linux servers. Key commands for status, file management and troubleshooting can help ...

SearchDataManagement

How AI data privacy can help your enterprise

Enterprises benefit in many ways from AI data privacy tools that reduce the need for manual efforts from data professionals. Read...
The new normal for enterprise data governance

Mastercard data exec highlights the foundational role of enterprise data governance during the pandemic era with more people ...
Oracle accelerates Exadata database cloud service

More powerful server hardware is coming to the Exadata database service, bringing increased scalability and throughput for ...

SearchSecurity

Planning a zero-trust strategy in 6 steps

Launch a zero-trust strategy in six steps. Learn how to form a dedicated team, ask questions about existing security controls and...
Zero-trust implementation begins with choosing an on-ramp

Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, ...
Combating disinformation campaigns ahead of 2020 election

As the 2020 election approaches, more focus needs to be on overcoming disinformation campaigns that manipulate voters as they ...

Close