Risk appetite is "The types and amount of risk, on a broad level, an organization is willing to accept in its pursuit of value." – NIST
According to the PMBOK® Guide (source):
- Risk Tolerance is the "specified range of acceptable results."
- Risk Threshold is the "level of risk exposure above which risks are addressed and below which risks may be accepted."
- Risk Appetite is the "degree of uncertainty an organization or individual is willing to accept in anticipation of a reward."
Articulate the risk appetite to:
- help guide risk and reward decision-making
- help to embed the right risk culture
See Topical InfoSec Kanban’s for inspiration.
See also Risk tolerance