IT-Related Risk

February 28, 2018

IT-Related Risk

You are here:
< Back

The net mission/business impact considering
1) the likelihood that a particular threat source will exploit, or trigger, a particular information system vulnerability, and
2) the resulting impact if this should occur. IT-related risks arise from legal liability or mission/business loss due to, but not limited to:

  • Unauthorized (malicious, non-malicious, or accidental) disclosure, modification, or destruction of information;  Non-malicious errors and omissions;
  • IT disruptions due to natural or man-made disasters; or
  • Failure to exercise due care and diligence in the implementation and operation of the IT.

SOURCE: SP 800-27