The IT Law Wiki
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cell phone
Radio frequency spectrum
RFID tag
Cloud consumer
Internet
Newly Changed Pages
Computer terminal
Persuasive evidence
Website operator
Bfdi
Email bombing
Pornography
Message modification
Most Popular Pages
community
Community portal
forum
FANDOM
Fan Central
BETA
Games
Anime
Movies
TV
Video
Wikis
Explore Wikis
Community Central
Start a Wiki
Don't have an account?
Register
Sign In
Advertisement
Sign In
Register
The IT Law Wiki
34,539
pages
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cell phone
Radio frequency spectrum
RFID tag
Cloud consumer
Internet
Newly Changed Pages
Computer terminal
Persuasive evidence
Website operator
Bfdi
Email bombing
Pornography
Message modification
Most Popular Pages
community
Community portal
forum
in:
Security
,
Definition
,
Military
Acceptable level of risk
Edit
Edit source
View history
Talk (0)
Contents
1
Definitions
1.1
General
1.2
Military
2
References
3
See also
Definitions
[
]
General
[
]
An
acceptable level of risk
is
“
the level of
risk
that is tolerable in a given situation. It is determined from: an analysis of
threats
and
vulnerabilities
, the
sensitivity
of
data
and
applications
, a
cost/benefit analysis
, and a study of the technical and operational
feasibility
of available controls.
”
Military
[
]
An
acceptable level of risk
is
“
[a]n authority's determination of the level of potential harm to an operation, program, or activity due to the loss of
information
that the authority is willing to accept.
[1]
”
“
a judicious and carefully considered
assessment
by the appropriate
Designated Approving Authority
(
DAA
) that an
automatic data processing
(
ADP
) activity or
network
meets the minimum requirements of applicable
security
directives. The
assessment
should take into account the value of
ADP
assets
,
threats
and
vulnerabilities
,
countermeasures
and their
efficiency
in compensating for
vulnerabilities
, and operational requirements.
[2]
”
References
[
]
↑
Secretary of the Air Force, Operations Security (OPSEC) (Air Force Instruction 10-701), at 36 (June 8, 2011) (
full-text
).
↑
OPNAVINST 5239.1A; Draft Comprehensive Information Assurance Dictionary 6 (1995) (
full-text
).
See also
[
]
Acceptable risk
Risk
Advertisement
Follow on IG
TikTok
Join Fan Lab