Definitions for Risk Assessment Components
There are some common misconceptions when we talk about the definition of risk. To understand risk, we also need to define threats and vulnerabilities. A vulnerability is a weak spot in your environment and assets that have the potential to introduce threats and risk to your organization. A threat is a negative event or an exploit of a vulnerability. This can be intentional or unintentional and can result in the loss or damage of an asset, the thing that you’re protecting. Finally, a risk is the potential of loss or damage to an asset as a result of a threat exploiting a vulnerability.