Risk Capacity and Risk Appetite

Posted on by

Risk Capacity and Risk Appetite

  • Risk Exposure is the potential loss presented to an individual, project, or organization by a risk. (ISO 16085:2006)
  • Risk Tolerance is the acceptable level of variation that management is willing to allow for any particular risk as the enterprise pursues its objectives.(ISACA, 2019)
  • Risk Threshold is the level of risk exposure above which risks are addressed and below which risks may be accepted. (PMBOK Guide — Sixth Edition)
  • Risk Treatment is the process to eliminate risk or reduce it to a tolerable level. (ISO 15026-3:2015)
  • Risk Appetite is the amount and type of risk that an organization is willing to pursue or retain. (ISO/Guide 73:2009)
  • Risk Capacity refers to the maximum amount of risk that an organization is able to endure.

1 thought on “Risk Capacity and Risk Appetite

  1. Pingback: 風險承受能力和風險偏好(Risk Capacity and Risk Appetite) – Choson資安大小事

Leave a Reply