The IT Law Wiki
The IT Law Wiki

Definitions[]

Risk severity is

[a] function of the risk exposure compared to the timeframe. The control agencies require risks of a certain severity to be escalated. Ranking of risks is often driven by severity.[1]
[a] combination of the likelihood of a damaging event actually occurring and the assessed potential impact on the organization's mission and goals if it does occur.[2]

References[]