Portion of risk remaining after security measures have been applied.
Sources:
CNSSI 4009-2015
NIST SP 800-30 Rev. 1
under Residual Risk
from
CNSSI 4009
NIST IR 8323r1
from
CNSSI 4009-2015
the potential for the occurrence of an adverse event after adjusting for theimpact of all in-place safeguards. (See Total Risk, Acceptable Risk, and Minimum Level of Protection.)
Sources:
NIST SP 800-16
under Residual Risk
Portion of risk remaining after controls/countermeasures have been applied.
Sources:
NIST SP 800-161r1
from
NIST SP 800-16 - adapted
Risk that remains after risk responses have been documented and performed.
Sources:
NISTIR 8286
under Residual Risk