Definitions[]
Risk severity is
“ | [a] function of the risk exposure compared to the timeframe. The control agencies require risks of a certain severity to be escalated. Ranking of risks is often driven by severity.[1] | ” |
“ | [a] combination of the likelihood of a damaging event actually occurring and the assessed potential impact on the organization's mission and goals if it does occur.[2] | ” |
References[]
- ↑ California Office of Systems Integration, Definitions (full-text).
- ↑ Cybersecurity A Primer for State Utility Regulators, App. B.