How Can We Help?
The process of identifying the risks to system security and determining the likelihood of occurrence, the resulting impact, and the additional safeguards that mitigate this impact. Part of risk management and synonymous with risk assessment.
SOURCE: SP 800-27
Examination of information to identify the risk to an information system. See Risk Assessment.
SOURCE: CNSSI-4009