Unacceptable Risk

Audio transcript

When a system is not approved because the level of risk is considered too high, countermeasures are evaluated to determine whether the risk can be reduced to an acceptable level.

Specific countermeasures are selected and implemented in the environment to counter the threats, and the risk assessment is performed again.


Next Risk Management Model Information Assurance page 2 Main Menu Resources Glossary