Inherent Risk (Definition)

  1. A risk which it is impossible to manage or transfer away is said to be an inherent risk.
  2. The risk that exists when no controls have been put in place.

The second definition is used in financial auditing, where it refers to the risk of a material misstatement of facts prior to (or excluding the possible effects of) any internal controls. With the ISO standardization of risk management, its use in business continuity is becoming more frequent.

See also:

If you are an industry professional, consider subscribing to the free Risky Thinking Newsletter for articles, insights, and commentary on risk, business continuity, and security. It's low volume: we don't send out the newsletter unless there is something interesting to say!

Errors or Omissions? Contact us and let us know!