Term Definition
Residual Risk
The level of risk remaining after controls and mitigations have been applied.
Residual risk is the net exposure after accounting for existing controls. The objective is for residual risk to remain within the risk appetite. If it exceeds this threshold, additional controls or a treatment plan are required.
Master this concept and more
Start your GRC certification journey today.