- Risk Exposure is the potential loss presented to an individual, project, or organization by a risk. (ISO 16085:2006)
- Risk Tolerance is the acceptable level of variation that management is willing to allow for any particular risk as the enterprise pursues its objectives.(ISACA, 2019)
- Risk Threshold is the level of risk exposure above which risks are addressed and below which risks may be accepted. (PMBOK Guide — Sixth Edition)
- Risk Treatment is the process to eliminate risk or reduce it to a tolerable level. (ISO 15026-3:2015)
- Risk Appetite is the amount and type of risk that an organization is willing to pursue or retain. (ISO/Guide 73:2009)
- Risk Capacity refers to the maximum amount of risk that an organization is able to endure.