risk assessment
The product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making.
Senses
Sense 1
The product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making.
The appraisal of the risks facing an entity, asset, system, or network, organizational operations, individuals, geographic area, other organizations, or society, and includes determining the extent to which adverse circumstances or events could result in harmful consequences.
References
- NICCS (CISA) Cybersecurity VocabularyJan 06, 2026NICCS glossary export (CSV)https://niccs.cisa.gov/rest/vocab/export-csvNICCS is a CISA (DHS) program. Individual glossary entries include a "From" attribution (e.g., CNSSI 4009, NIST SPs, NICE Framework). Treat "From" values as upstream provenance and verify before quoting large portions of text.Source: NICCS (CISA) Cybersecurity Vocabulary (niccs.cisa.gov).