Details

Item: Risk Assessment
Description: The process of identifying risks to organizational operations (including mission, functions, image, and reputation), organizational assets, and individuals resulting from the operation of an information system. Part of risk management, incorporates threat and vulnerability analyses, and considers mitigations provided by security controls planned or in place. Synonymous with risk analysis.
Source: https://csrc.nist.gov/glossary/term/risk_assessment
Context