Residual Risk

From CIPedia
Revision as of 23:56, 27 September 2016 by Eluiijf (talk | contribs)
Jump to navigation Jump to search


European Definitions


ENISA uses the ISO definition, see below. [1]

Other International Definitions


The risk that remains in unmanaged form, even when effective disaster risk reduction measures are in place, and for which emergency response and recovery capacities must be maintained. [2]

According to UNISDR, the presence of residual risk implies a continuing need to develop and support effective capacities for emergency services, preparedness,response and recovery together with socio-economic policies such as safety nets and risk transfer mechanisms.

National Definitions


Risk that remains after implementing risk mitigation measures.

Risque qui subsiste après l’application de mesures d’atténuation du risque. [3]

Czech Republic

Zbytkové riziko: Riziko, které zůstává i po aplikaci příslušných opatření. [4]

Residual risk is the risk remaining even after an application of the appropriate measures. [5]


残存リスク: 対策が適用された後に残るリスク.

The risk that remains after countermeasures have been applied. [6]


Restrisiko bezeichnet das Risiko, das nach Realisierung aller vorgesehenen Sicherheitsmassnahmen weiterhin verbleibt. [7]

On entend par « risque résiduel » le risque qui subsiste une fois que toutes les mesures de sécurité prévues ont été mises en oeuvre. [8]

È il rischio che rimane dopo l'adozione di tutte le misure di sicurezza previste. [9]

United States

Residual risk is risk that remains after risk management measures have been implemented. [10]

Standard Definition


The portion of an original risk or set of risks that remain after countermeasures have been applied. [11]

ISO/IEC 27000:2014 and ISO 31000:2009

Risk remaining after risk treatment. [12] [13]

  • Residual risk can contain unidentified risk.
  • Residual risk can also be known as “retained risk”.

See also