The level of risk an entity is willing to assume in order to achieve a potential desired result.
Sources:
CNSSI 4009-2015
NIST SP 800-137
under Risk Tolerance
NIST SP 800-137A
from
NIST SP 800-137
The level of risk or the degree of uncertainty that is acceptable to an organization.
Sources:
NIST SP 800-53 Rev. 5
from
NIST SP 800-39
NIST SP 800-53A Rev. 5
from
NIST SP 800-39
The organization’s or stakeholder’s readiness to bear the remaining risk after responding to or considering the risk in order to achieve its objectives.
Sources:
NIST SP 800-161r1-upd1
[11/1/2024 errata update]
from
NISTIR 8286 - adapted
The organization or stakeholder’s readiness to bear the risk after risk treatment in order to achieve its objectives.
Sources:
NIST SP 800-160v1r1
from
ISO Guide 73
The readiness of an organization or stakeholders to bear the remaining risk after responding to or considering the risk to achieve its objectives (while recognizing that such tolerance can be influenced by legal or regulatory requirements)
Sources:
NIST SP 800-221
The acceptable level of variance in performance relative to the achievement of objectives.
Sources:
NIST SP 800-221
from
OMB Circular A-123
Risk tolerance is the degree of risk or uncertainty that is acceptable to an organization.
Sources:
NISTIR 8170
under Risk Tolerance
The level of risk that the Manufacturer is willing to accept in pursuit of strategic goals and objectives.
Sources:
NISTIR 8183
under Risk Tolerance
NISTIR 8183 Rev. 1
under Risk Tolerance
NISTIR 8183A Vol. 1
under Risk Tolerance
NISTIR 8183A Vol. 2
under Risk Tolerance
NISTIR 8183A Vol. 3
under Risk Tolerance
The level of risk or degree of uncertainty that is acceptable to organizations.
Sources:
NIST Privacy Framework Version 1.0
under Risk Tolerance
from
NIST SP 800-39
The organization’s or stakeholder’s readiness to bear the remaining risk after risk response in order to achieve its objectives, with the consideration that such tolerance can be influenced by legal or regulatory requirements.
Sources:
NISTIR 8286
under Risk Tolerance
from
ISO Guide 73