risk tolerance

Definitions:

  The level of risk an entity is willing to assume in order to achieve a potential desired result.
Sources:
CNSSI 4009-2015
NIST SP 800-137 under Risk Tolerance
NIST SP 800-137A from NIST SP 800-137

  The level of risk or the degree of uncertainty that is acceptable to an organization.
Sources:
NIST SP 800-53 Rev. 5 from NIST SP 800-39
NIST SP 800-53A Rev. 5 from NIST SP 800-39

  The organization’s or stakeholder’s readiness to bear the remaining risk after responding to or considering the risk in order to achieve its objectives.
Sources:
NIST SP 800-161r1 from NISTIR 8286 - adapted

  The organization or stakeholder’s readiness to bear the risk after risk treatment in order to achieve its objectives. 
Sources:
NIST SP 800-160v1r1 from ISO Guide 73

  The readiness of an organization or stakeholders to bear the remaining risk after responding to or considering the risk to achieve its objectives (while recognizing that such tolerance can be influenced by legal or regulatory requirements).
Sources:
NIST SP 800-221

  The acceptable level of variance in performance relative to the achievement of objectives.
Sources:
NIST SP 800-221 from OMB Circular A-123

  Risk tolerance is the degree of risk or uncertainty that is acceptable to an organization.
Sources:
NISTIR 8170 under Risk Tolerance

  The level of risk that the Manufacturer is willing to accept in pursuit of strategic goals and objectives.
Sources:
NISTIR 8183 under Risk Tolerance
NISTIR 8183 Rev. 1 under Risk Tolerance
NISTIR 8183A Vol. 1 under Risk Tolerance
NISTIR 8183A Vol. 2 under Risk Tolerance
NISTIR 8183A Vol. 3 under Risk Tolerance

  The level of risk or degree of uncertainty that is acceptable to organizations.
Sources:
NIST Privacy Framework Version 1.0 under Risk Tolerance from NIST SP 800-39

  The organization’s or stakeholder’s readiness to bear the remaining risk after risk response in order to achieve its objectives, with the consideration that such tolerance can be influenced by legal or regulatory requirements.
Sources:
NISTIR 8286 under Risk Tolerance from ISO Guide 73