Definition(s)
Residual Risk
Risk that remains after controls have been implemented.
Source: ISO 16530-1:2017, Petroleum and natural gas industries — Well integrity – Part 1: Life cycle governance, First Edition, March 2017. Global Standards
Residual Risk
Risk that remains after risk management measures have been implemented.
Source:API STANDARD 780, Security Risk Assessment Methodology for the Petroleum and Petrochemical Industries, First Edition, May 2013. Global Standards
Residual Risk
Risk that remains after risk management measures have been implemented.
Sample Usage: While increased patrols lessened the likelihood of trespassers, residual risk remained due to the unlocked exterior doors.
Synonym: unmitigated risk (residual risk).
Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition. September 2010 Regulatory Guidance
Residual Risk
The amount of assessed risk that remains after risk controls/barriers have been fully implemented to reduce and mitigate a risk.
Source: IOGP Report No. 510, Operating Management System Framework for controlling risk and delivering high performance in the oil and gas industry, International Association of Oil & Gas Producers, June 2014. Global Standards
Residual Risk
Risk remaining after risk treatment.
- Note 1 to entry: Residual risk can contain unidentified risk.
- Note 2 to entry: Residual risk can also be known as “retained risk”.
Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Residual Risk
Risk (1.1) remaining after risk treatment (3.8.1).
- NOTE 1 Residual risk can contain unidentified risk.
- NOTE 2 Residual risk can also be known as “retained risk”.
Source: ISO Guide 73:2009(E/F), Risk Management – Vocabulary, First Edition, 2009. Global Standards
Residual Risk
Risk that remains when a barrier, or combination of barriers, operates as intended.
Source: OGP Report No. 415, Asset integrity – the key to managing major incident risks, International Association of Oil & Gas Producers, December 2008. Global Standards
Residual Risk
The remaining risk after the security controls or countermeasures have been applied.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard