U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Computer Security Resource Center

Computer Security Resource Center

    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

information security risk

Definition(s):

  The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or information systems. See risk.
Source(s):
CNSSI 4009-2015 from NIST SP 800-30 Rev. 1

  The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and /or information systems. See Risk.
Source(s):
NIST SP 800-137 under Information Security Risk from NIST SP 800-39

  The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or a system.
Source(s):
NIST SP 800-12 Rev. 1 under Information Security Risk from NIST SP 800-30 Rev. 1

  The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or systems.
Source(s):
NIST SP 800-37 Rev. 2
NIST SP 800-53 Rev. 5 from NIST SP 800-30 Rev. 1

  The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or information systems.
Source(s):
NIST SP 800-39 under Information Security Risk
NIST SP 1800-25B under Information Security Risk from CNSSI 4009-2015, NIST SP 800-30 Rev. 1
NIST SP 1800-26B under Information Security Risk from CNSSI 4009-2015, NIST SP 800-30 Rev. 1
NIST SP 800-53 Rev. 4 [Superseded] under Information Security Risk

  The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or information systems. See Risk.
Source(s):
NIST SP 800-30 Rev. 1 under Information Security Risk