Residual Risk

1. Residual Risk is the remaining risk which cannot be defined in more detail after elimination or inclusion of all conceivable quantified risks in a risk consideration. Residual risk is the level of uncontrolled risk remaining after the risk treatment.

Related Terms: Risk Acceptance.

	BCMBoK	Competency Level
	BCMBoK 2: Risk Analysis & Review	CL 1B: Foundation (BC)

	BCMBoK	Competency Level
	BCMBoK 7: Program Management	CL 2C: Intermediate (CM)

	BCMBoK	Competency Level
	BCMBoK 7: Program Management	CL 2D: Intermediate (DR)

(Source: Business Continuity Management Institute - BCM Institute)

2. Risk remaining after risk treatment.

(Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.30

3. Risk (2.1) remaining after risk treatment (2.25)

Notes (1) : Residual risk can contain unidentified risk.

Notes (2) : Residual risk can also be known as “retained risk”.

[ISO Guide 73:2009, definition 3.8.1.6]

(Source: ISO 31000:2009 – Risk Management — Principles and Guidelines) - clause 2.27

4. The level of uncontrolled risk remaining after all cost-effective actions have been taken to lessen the impact and probability of a specific risk or group of risks, subject to the organizations risk appetite.

(Source: Business Continuity Institute - BCI)

Retrieved from "http://bcmpedia.org/wiki/Residual_Risk"

Personal tools

BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).

Search

Navigation

Glossary

Chinese Glossary (S)

Resources

Knowledge

Books

Acknowledgment

ISO Glossary

BCM Glossary

Toolbox

Residual Risk