Acceptable Risk

Acceptable Risk definition in Computer Security terms:

Acronym(s): None

Definition(s): The level of Residual Risk that has been determined to be a reasonable level of potential loss/disruption for a specific IT system. (See Total Risk, Residual Risk, and Minimum Level of Protection.).
Source(s): NIST SP 800-16

Synonym(s): None


reference: CSRC Glossary